[Don't merge]: Test error in drone

.drone.yml

@@ -1,17 +1,10 @@
 kind: pipeline
-type: vm
+type: docker
 name: default
 
-pool:
-  use: ubuntu
-
-platform:
-  os: linux
-  arch: amd64
-
 steps:
 - name: build
-  image: golang:1.22
+  image: golang
   commands:
   - go test ./...
   - sh scripts/build.sh
@@ -22,7 +15,6 @@ steps:
     repo: plugins/kaniko
     auto_tag: true
     auto_tag_suffix: linux-amd64
-    daemon_off: false
     dockerfile: docker/docker/Dockerfile.linux.amd64
     username:
       from_secret: docker_username
@@ -30,8 +22,8 @@ steps:
       from_secret: docker_password
   when:
     event:
-      exclude:
-      - pull_request
+    - push
+    - tag
 
 - name: gcr
   image: plugins/docker
@@ -39,7 +31,6 @@ steps:
     repo: plugins/kaniko-gcr
     auto_tag: true
     auto_tag_suffix: linux-amd64
-    daemon_off: false
     dockerfile: docker/gcr/Dockerfile.linux.amd64
     username:
       from_secret: docker_username
@@ -47,25 +38,8 @@ steps:
       from_secret: docker_password
   when:
     event:
-      exclude:
-      - pull_request
-
-- name: gar
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gar
-    auto_tag: true
-    auto_tag_suffix: linux-amd64
-    daemon_off: false
-    dockerfile: docker/gar/Dockerfile.linux.amd64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-        - pull_request
+    - push
+    - tag
 
 - name: ecr
   image: plugins/docker
@@ -73,7 +47,6 @@ steps:
     repo: plugins/kaniko-ecr
     auto_tag: true
     auto_tag_suffix: linux-amd64
-    daemon_off: false
     dockerfile: docker/ecr/Dockerfile.linux.amd64
     username:
       from_secret: docker_username
@@ -81,408 +54,5 @@ steps:
       from_secret: docker_password
   when:
     event:
-      exclude:
-      - pull_request
-
-- name: acr
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-acr
-    auto_tag: true
-    auto_tag_suffix: linux-amd64
-    daemon_off: false
-    dockerfile: docker/acr/Dockerfile.linux.amd64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: docker-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko
-    auto_tag: true
-    auto_tag_suffix: linux-amd64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/docker/Dockerfile.linux.amd64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gcr-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gcr
-    auto_tag: true
-    auto_tag_suffix: linux-amd64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/gcr/Dockerfile.linux.amd64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gar-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gar
-    auto_tag: true
-    auto_tag_suffix: linux-amd64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/gar/Dockerfile.linux.amd64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-        - pull_request
-
-- name: ecr-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-ecr
-    auto_tag: true
-    auto_tag_suffix: linux-amd64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/ecr/Dockerfile.linux.amd64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
----
-kind: pipeline
-type: vm
-name: arm
-
-pool:
-  use: ubuntu_arm64
-
-steps:
-- name: build
-  image: golang:1.22
-  commands:
-  - go test ./...
-  - sh scripts/build.sh
-
-- name: docker
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko
-    auto_tag: true
-    auto_tag_suffix: linux-arm64
-    daemon_off: false
-    dockerfile: docker/docker/Dockerfile.linux.arm64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gcr
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gcr
-    auto_tag: true
-    auto_tag_suffix: linux-arm64
-    daemon_off: false
-    dockerfile: docker/gcr/Dockerfile.linux.arm64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gar
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gar
-    auto_tag: true
-    auto_tag_suffix: linux-arm64
-    daemon_off: false
-    dockerfile: docker/gar/Dockerfile.linux.arm64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-        - pull_request
-
-- name: ecr
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-ecr
-    auto_tag: true
-    auto_tag_suffix: linux-arm64
-    daemon_off: false
-    dockerfile: docker/ecr/Dockerfile.linux.arm64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: acr
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-acr
-    auto_tag: true
-    auto_tag_suffix: linux-arm64
-    daemon_off: false
-    dockerfile: docker/acr/Dockerfile.linux.arm64
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: docker-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko
-    auto_tag: true
-    auto_tag_suffix: linux-arm64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/docker/Dockerfile.linux.arm64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gcr-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gcr
-    auto_tag: true
-    auto_tag_suffix: linux-arm64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/gcr/Dockerfile.linux.arm64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
-
-- name: gar-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-gar
-    auto_tag: true
-    auto_tag_suffix: linux-arm64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/gar/Dockerfile.linux.arm64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-        - pull_request
-
-- name: ecr-kaniko-v1-9
-  image: plugins/docker
-  settings:
-    repo: plugins/kaniko-ecr
-    auto_tag: true
-    auto_tag_suffix: linux-arm64-kaniko1.9.1
-    daemon_off: false
-    dockerfile: docker/ecr/Dockerfile.linux.arm64.kaniko1.9.1
-    username:
-      from_secret: docker_username
-    password:
-      from_secret: docker_password
-  when:
-    event:
-      exclude:
-      - pull_request
----
-kind: pipeline
-type: vm
-name: notifications-docker
-
-pool:
-  use: ubuntu
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-- name: manifest-docker
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: true
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/docker/manifest.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-gcr
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: true
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/gcr/manifest.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-gar
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: true
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/gar/manifest.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-acr
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: true
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/acr/manifest.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-ecr
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: true
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/ecr/manifest.tmpl
-    username:
-      from_secret: docker_username
-
-trigger:
-  ref:
-  - refs/heads/main
-  - "refs/tags/**"
-
-depends_on:
-- default
-- arm
-
----
-kind: pipeline
-type: vm
-name: notifications-docker-kaniko1-8
-
-pool:
-  use: ubuntu
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-- name: manifest-docker
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: false
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/docker/manifest-kaniko1.9.1.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-gcr
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: false
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/gcr/manifest-kaniko1.9.1.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-gar
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: false
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/gar/manifest-kaniko1.9.1.tmpl
-    username:
-      from_secret: docker_username
-
-- name: manifest-ecr
-  pull: always
-  image: plugins/manifest
-  settings:
-    auto_tag: false
-    ignore_missing: true
-    password:
-      from_secret: docker_password
-    spec: docker/ecr/manifest-kaniko1.9.1.tmpl
-    username:
-      from_secret: docker_username
-
-trigger:
-  ref:
-  - refs/heads/main
-  - "refs/tags/**"
-
-depends_on:
-- default
-- arm
+    - push
+    - tag

.gitignore

@@ -1,5 +1,3 @@
 release
 coverage.out
 vendor
-.idea
-.vscode

README.md

@@ -2,14 +2,6 @@
 
 Drone kaniko plugin uses [kaniko](https://github.com/GoogleContainerTools/kaniko) to build and publish Docker images to a container registry.
 
-Plugin images are published with 1.6.0 as well as 1.9.1 kaniko version from 1.5.1 release tag. `plugins/kaniko:<release-tag>` uses 1.6.0 version while `plugins/kaniko:<release-tag>-kaniko1.9.1` uses 1.9.1 version. Similar convention is used for plugins/kaniko-ecr & plugins/kaniko-gcr images as well.
-
-Run the following script to install git-leaks support to this repo.
-```
-chmod +x ./git-hooks/install.sh
-./git-hooks/install.sh
-```
-
 ## Build
 
 Build the binaries with the following commands:
@@ -23,7 +15,6 @@ export GO111MODULE=on
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-docker ./cmd/kaniko-docker
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-gcr ./cmd/kaniko-gcr
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-ecr ./cmd/kaniko-ecr
-go build -v -a -tags netgo -o release/linux/amd64/kaniko-acr ./cmd/kaniko-acr
 ```
 
 ## Docker
@@ -35,11 +26,6 @@ docker build \
   --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
   --label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
   --file docker/docker/Dockerfile.linux.amd64 --tag plugins/kaniko .
-  
-docker build \
-  --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
-  --label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
-  --file docker/acr/Dockerfile.linux.amd64 --tag plugins/kaniko-acr .
 
 docker build \
   --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
@@ -53,7 +39,6 @@ docker build \
 ```
 
 ## Usage
-### Manual Tagging
 
 ```console
 docker run --rm \
@@ -64,81 +49,5 @@ docker run --rm \
     -e PLUGIN_PASSWORD=bar \
     -v $(pwd):/drone \
     -w /drone \
-    plugins/kaniko:linux-amd64
+    plugins/kaniko-docker
 ```
-
-With expanded tagging enabled, semantic versions can be passed to PLUGIN_TAGS directly for expansion.
-
-**Note**: this feature only works for build labels. Artifact labels are not supported.
-
-```console
-docker run --rm \
-    -e PLUGIN_TAGS=v1.2.3,latest \
-    -e PLUGIN_EXPAND_TAG=true \
-    -v $(pwd):/drone \
-    -w /drone \
-    plugins/kaniko:linux-amd64
-```
-would both be equivalent to
-
-```
-PLUGIN_TAGS=1,1.2,1.2.3,latest
-```
-
-This allows for passing `$DRONE_TAG` directly as a tag for repos that use [semver](https://semver.org) tags.
-
-To avoid confusion between repo tags and image tags, `PLUGIN_EXPAND_TAG` also recognizes a semantic version
-without the `v` prefix.  As such, the following is also equivalent to the above:
-
-```console
-docker run --rm \
-    -e PLUGIN_TAGS=1.2.3,latest \
-    -e PLUGIN_EXPAND_TAG=true \
-    -v $(pwd):/drone \
-    -w /drone \
-    plugins/kaniko:linux-amd64
-```
-
-### Auto Tagging
-The [auto tag feature](https://plugins.drone.io/drone-plugins/drone-docker) of docker plugin is also supported.
-
-When auto tagging is enabled, if any of the case is matched below, a docker build will be pushed with auto generated tags. Otherwise the docker build will be skipped.
-
-**Note**: this feature only works for build labels. Artifact labels are not supported.
-
-#### Git Tag Push:
-
-```console
-docker run --rm \
-    -e DRONE_COMMIT_REF=refs/tags/v1.2.3 \
-    -e PLUGIN_REPO=foo/bar \
-    -e PLUGIN_USERNAME=foo \
-    -e PLUGIN_PASSWORD=bar \
-    -e PLUGIN_AUTO_TAG=true \
-    -v $(pwd):/drone \
-    -w /drone \
-    plugins/kaniko:linux-amd64
-```
-
-Tags to push:
-- 1.2.3
-- 1.2
-- 1
-
-#### Git Commit Push in default branch:
-
-```console
-docker run --rm \
-    -e DRONE_COMMIT_REF=refs/heads/master \
-    -e DRONE_REPO_BRANCH=main \
-    -e PLUGIN_REPO=foo/bar \
-    -e PLUGIN_USERNAME=foo \
-    -e PLUGIN_PASSWORD=bar \
-    -e PLUGIN_AUTO_TAG=true \
-    -v $(pwd):/drone \
-    -w /drone \
-    plugins/kaniko:linux-amd64
-```
-
-Tags to push:
-- latest

cmd/kaniko-acr/main.go

@@ -1,698 +0,0 @@
-package main
-
-import (
-	"context"
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"net/url"
-	"os"
-	"strings"
-
-	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
-	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
-	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
-	"github.com/urfave/cli"
-
-	kaniko "github.com/drone/drone-kaniko"
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/docker"
-)
-
-const (
-	clientIdEnv        string = "AZURE_CLIENT_ID"
-	clientSecretKeyEnv string = "AZURE_CLIENT_SECRET"
-	dockerConfigPath   string = "/kaniko/.docker"
-	tenantKeyEnv       string = "AZURE_TENANT_ID"
-	certPathEnv        string = "AZURE_CLIENT_CERTIFICATE_PATH"
-	defaultDigestFile  string = "/kaniko/digest-file"
-	finalUrl           string = "https://portal.azure.com/#view/Microsoft_Azure_ContainerRegistries/TagMetadataBlade/registryId/"
-)
-
-var (
-	ACRCertPath   = "/kaniko/acr-cert.pem"
-	pluginVersion = "unknown"
-	username      = "00000000-0000-0000-0000-000000000000"
-	maxPageCount  = 1000 // maximum count of pages to cycle through before we break out
-)
-
-func main() {
-	// TODO Add the env file functionality
-	app := cli.NewApp()
-	app.Name = "kaniko docker plugin"
-	app.Usage = "kaniko docker plugin"
-	app.Action = run
-	app.Version = pluginVersion
-	app.Flags = []cli.Flag{
-		cli.StringFlag{
-			Name:   "dockerfile",
-			Usage:  "build dockerfile",
-			Value:  "Dockerfile",
-			EnvVar: "PLUGIN_DOCKERFILE",
-		},
-		cli.StringFlag{
-			Name:   "context",
-			Usage:  "build context",
-			Value:  ".",
-			EnvVar: "PLUGIN_CONTEXT",
-		},
-		cli.StringFlag{
-			Name:   "drone-commit-ref",
-			Usage:  "git commit ref passed by Drone",
-			EnvVar: "DRONE_COMMIT_REF",
-		},
-		cli.StringFlag{
-			Name:   "drone-repo-branch",
-			Usage:  "git repository default branch passed by Drone",
-			EnvVar: "DRONE_REPO_BRANCH",
-		},
-		cli.StringSliceFlag{
-			Name:     "tags",
-			Usage:    "build tags",
-			Value:    &cli.StringSlice{"latest"},
-			EnvVar:   "PLUGIN_TAGS",
-			FilePath: ".tags",
-		},
-		cli.BoolFlag{
-			Name:   "expand-tag",
-			Usage:  "enable for semver tagging",
-			EnvVar: "PLUGIN_EXPAND_TAG",
-		},
-		cli.BoolFlag{
-			Name:   "auto-tag",
-			Usage:  "enable auto generation of build tags",
-			EnvVar: "PLUGIN_AUTO_TAG",
-		},
-		cli.StringFlag{
-			Name:   "auto-tag-suffix",
-			Usage:  "the suffix of auto build tags",
-			EnvVar: "PLUGIN_AUTO_TAG_SUFFIX",
-		},
-		cli.StringSliceFlag{
-			Name:   "args",
-			Usage:  "build args",
-			EnvVar: "PLUGIN_BUILD_ARGS",
-		},
-		cli.StringFlag{
-			Name:   "target",
-			Usage:  "build target",
-			EnvVar: "PLUGIN_TARGET",
-		},
-		cli.StringFlag{
-			Name:   "repo",
-			Usage:  "docker repository",
-			EnvVar: "PLUGIN_REPO",
-		},
-		cli.BoolFlag{
-			Name:   "create-repository",
-			Usage:  "create ACR repository",
-			EnvVar: "PLUGIN_CREATE_REPOSITORY",
-		},
-		cli.StringSliceFlag{
-			Name:   "custom-labels",
-			Usage:  "additional k=v labels",
-			EnvVar: "PLUGIN_CUSTOM_LABELS",
-		},
-		cli.StringFlag{
-			Name:   "registry",
-			Usage:  "ACR registry",
-			EnvVar: "PLUGIN_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "base-image-registry",
-			Usage:  "Docker registry for base image",
-			EnvVar: "PLUGIN_DOCKER_REGISTRY,PLUGIN_BASE_IMAGE_REGISTRY,DOCKER_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "base-image-username",
-			Usage:  "Docker username for base image registry",
-			EnvVar: "PLUGIN_DOCKER_USERNAME,PLUGIN_BASE_IMAGE_USERNAME,DOCKER_USERNAME",
-		},
-		cli.StringFlag{
-			Name:   "base-image-password",
-			Usage:  "Docker password for base image registry",
-			EnvVar: "PLUGIN_DOCKER_PASSWORD,PLUGIN_BASE_IMAGE_PASSWORD,DOCKER_PASSWORD",
-		},
-		cli.StringSliceFlag{
-			Name:   "registry-mirrors",
-			Usage:  "docker registry mirrors",
-			EnvVar: "PLUGIN_REGISTRY_MIRRORS",
-		},
-		cli.StringFlag{
-			Name:   "client-secret",
-			Usage:  "Azure client secret",
-			EnvVar: "CLIENT_SECRET",
-		},
-		cli.StringFlag{
-			Name:   "client-cert",
-			Usage:  "Azure client certificate encoded in base64 format",
-			EnvVar: "CLIENT_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "tenant-id",
-			Usage:  "Azure Tenant Id",
-			EnvVar: "TENANT_ID",
-		},
-		cli.StringFlag{
-			Name:   "subscription-id",
-			Usage:  "Azure Subscription Id",
-			EnvVar: "SUBSCRIPTION_ID",
-		},
-		cli.StringFlag{
-			Name:   "client-id",
-			Usage:  "Azure Client Id",
-			EnvVar: "CLIENT_ID",
-		},
-		cli.StringFlag{
-			Name:   "snapshot-mode",
-			Usage:  "Specify one of full, redo or time as snapshot mode",
-			EnvVar: "PLUGIN_SNAPSHOT_MODE",
-		},
-		cli.StringFlag{
-			Name:   "lifecycle-policy",
-			Usage:  "Path to lifecycle policy file",
-			EnvVar: "PLUGIN_LIFECYCLE_POLICY",
-		},
-		cli.StringFlag{
-			Name:   "repository-policy",
-			Usage:  "Path to repository policy file",
-			EnvVar: "PLUGIN_REPOSITORY_POLICY",
-		},
-		cli.BoolFlag{
-			Name:   "enable-cache",
-			Usage:  "Set this flag to opt into caching with kaniko",
-			EnvVar: "PLUGIN_ENABLE_CACHE",
-		},
-		cli.StringFlag{
-			Name:   "cache-repo",
-			Usage:  "Remote repository that will be used to store cached layers. Cache repo should be present in specified registry. enable-cache needs to be set to use this flag",
-			EnvVar: "PLUGIN_CACHE_REPO",
-		},
-		cli.IntFlag{
-			Name:   "cache-ttl",
-			Usage:  "Cache timeout in hours. Defaults to two weeks.",
-			EnvVar: "PLUGIN_CACHE_TTL",
-		},
-		cli.StringFlag{
-			Name:   "artifact-file",
-			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
-			EnvVar: "PLUGIN_ARTIFACT_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "no-push",
-			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
-			EnvVar: "PLUGIN_NO_PUSH",
-		},
-		cli.StringFlag{
-			Name:   "verbosity",
-			Usage:  "Set this flag with value as oneof <panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
-			EnvVar: "PLUGIN_VERBOSITY",
-		},
-		cli.StringFlag{
-			Name:   "platform",
-			Usage:  "Allows to build with another default platform than the host, similarly to docker build --platform",
-			EnvVar: "PLUGIN_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "skip-unused-stages",
-			Usage:  "build only used stages",
-			EnvVar: "PLUGIN_SKIP_UNUSED_STAGES",
-		},
-		cli.StringFlag{
-			Name:   "cache-dir",
-			Usage:  "Set this flag to specify a local directory cache for base images",
-			EnvVar: "PLUGIN_CACHE_DIR",
-		},
-
-		cli.BoolFlag{
-			Name:   "cache-copy-layers",
-			Usage:  "Enable or disable copying layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_COPY_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cache-run-layers",
-			Usage:  "Enable or disable running layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_RUN_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cleanup",
-			Usage:  "Enable or disable cleanup of temporary files.",
-			EnvVar: "PLUGIN_CLEANUP",
-		},
-		cli.BoolFlag{
-			Name:   "compressed-caching",
-			Usage:  "Enable or disable compressed caching.",
-			EnvVar: "PLUGIN_COMPRESSED_CACHING",
-		},
-		cli.StringFlag{
-			Name:   "context-sub-path",
-			Usage:  "Sub-path within the context to build.",
-			EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
-		},
-		cli.StringFlag{
-			Name:   "custom-platform",
-			Usage:  "Platform to use for building.",
-			EnvVar: "PLUGIN_CUSTOM_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "force",
-			Usage:  "Force building the image even if it already exists.",
-			EnvVar: "PLUGIN_FORCE",
-		},
-		cli.StringSliceFlag{
-			Name:   "image-name-with-digest-file",
-			Usage:  "Write image name with digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_WITH_DIGEST_FILE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-tag-with-digest-file",
-			Usage:  "Write image name with tag and digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_TAG_WITH_DIGEST_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure",
-			Usage:  "Allow connecting to registries without TLS.",
-			EnvVar: "PLUGIN_INSECURE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure-pull",
-			Usage:  "Allow insecure pulls from the registry.",
-			EnvVar: "PLUGIN_INSECURE_PULL",
-		},
-		cli.StringFlag{
-			Name:   "insecure-registry",
-			Usage:  "Use plain HTTP for registry communication.",
-			EnvVar: "PLUGIN_INSECURE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "log-format",
-			Usage:  "Set the log format for build output.",
-			EnvVar: "PLUGIN_LOG_FORMAT",
-		},
-		cli.BoolFlag{
-			Name:   "log-timestamp",
-			Usage:  "Show timestamps in build output.",
-			EnvVar: "PLUGIN_LOG_TIMESTAMP",
-		},
-		cli.StringFlag{
-			Name:   "oci-layout-path",
-			Usage:  "Directory to store OCI layout.",
-			EnvVar: "PLUGIN_OCI_LAYOUT_PATH",
-		},
-		cli.IntFlag{
-			Name:   "push-retry",
-			Usage:  "Number of times to retry pushing an image.",
-			EnvVar: "PLUGIN_PUSH_RETRY",
-		},
-		cli.StringFlag{
-			Name:   "registry-certificate",
-			Usage:  "Path to a file containing a registry certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "registry-client-cert",
-			Usage:  "Path to a file containing a registry client certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CLIENT_CERT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-default-registry-fallback",
-			Usage:  "Skip Docker Hub and default registry fallback.",
-			EnvVar: "PLUGIN_SKIP_DEFAULT_REGISTRY_FALLBACK",
-		},
-		cli.BoolFlag{
-			Name:   "reproducible",
-			Usage:  "Create a reproducible image.",
-			EnvVar: "PLUGIN_REPRODUCIBLE",
-		},
-		cli.BoolFlag{
-			Name:   "single-snapshot",
-			Usage:  "Only create a single snapshot of the image.",
-			EnvVar: "PLUGIN_SINGLE_SNAPSHOT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-push-permission-check",
-			Usage:  "Skip permission check when pushing.",
-			EnvVar: "PLUGIN_SKIP_PUSH_PERMISSION_CHECK",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-pull",
-			Usage:  "Skip TLS verification when pulling.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_PULL",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-registry",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_REGISTRY",
-		},
-		cli.BoolFlag{
-			Name:   "use-new-run",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_USE_NEW_RUN",
-		},
-		cli.BoolFlag{
-			Name:   "ignore-var-run",
-			Usage:  "Ignore the /var/run directory during build.",
-			EnvVar: "PLUGIN_IGNORE_VAR_RUN",
-		},
-		cli.StringFlag{
-			Name:   "ignore-path",
-			Usage:  "Path to ignore during the build.",
-			EnvVar: "PLUGIN_IGNORE_PATH",
-		},
-		cli.IntFlag{
-			Name:   "image-fs-extract-retry",
-			Usage:  "Number of retries for extracting filesystem layers.",
-			EnvVar: "PLUGIN_IMAGE_FS_EXTRACT_RETRY",
-		},
-		cli.IntFlag{
-			Name:   "image-download-retry",
-			Usage:  "Number of retries for downloading base images.",
-			EnvVar: "PLUGIN_IMAGE_DOWNLOAD_RETRY",
-		},
-	}
-
-	if err := app.Run(os.Args); err != nil {
-		logrus.Fatal(err)
-	}
-}
-
-func run(c *cli.Context) error {
-	registry := c.String("registry")
-	noPush := c.Bool("no-push")
-
-	publicUrl, err := setupAuth(
-		c.String("tenant-id"),
-		c.String("client-id"),
-		c.String("client-cert"),
-		c.String("client-secret"),
-		c.String("subscription-id"),
-		registry,
-		c.String("base-image-username"),
-		c.String("base-image-password"),
-		c.String("base-image-registry"),
-		noPush,
-	)
-	if err != nil {
-		return err
-	}
-
-	plugin := kaniko.Plugin{
-		Build: kaniko.Build{
-			DroneCommitRef:              c.String("drone-commit-ref"),
-			DroneRepoBranch:             c.String("drone-repo-branch"),
-			Dockerfile:                  c.String("dockerfile"),
-			Context:                     c.String("context"),
-			Tags:                        c.StringSlice("tags"),
-			AutoTag:                     c.Bool("auto-tag"),
-			AutoTagSuffix:               c.String("auto-tag-suffix"),
-			ExpandTag:                   c.Bool("expand-tag"),
-			Args:                        c.StringSlice("args"),
-			Target:                      c.String("target"),
-			Repo:                        c.String("repo"),
-			Mirrors:                     c.StringSlice("registry-mirrors"),
-			Labels:                      c.StringSlice("custom-labels"),
-			SnapshotMode:                c.String("snapshot-mode"),
-			EnableCache:                 c.Bool("enable-cache"),
-			CacheRepo:                   fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
-			CacheTTL:                    c.Int("cache-ttl"),
-			DigestFile:                  defaultDigestFile,
-			NoPush:                      noPush,
-			Verbosity:                   c.String("verbosity"),
-			Platform:                    c.String("platform"),
-			SkipUnusedStages:            c.Bool("skip-unused-stages"),
-			CacheDir:                    c.String("cache-dir"),
-			CacheCopyLayers:             c.Bool("cache-copy-layers"),
-			CacheRunLayers:              c.Bool("cache-run-layers"),
-			Cleanup:                     c.Bool("cleanup"),
-			ContextSubPath:              c.String("context-sub-path"),
-			CustomPlatform:              c.String("custom-platform"),
-			Force:                       c.Bool("force"),
-			ImageNameWithDigestFile:     c.String("image-name-with-digest-file"),
-			ImageNameTagWithDigestFile:  c.String("image-name-tag-with-digest-file"),
-			Insecure:                    c.Bool("insecure"),
-			InsecurePull:                c.Bool("insecure-pull"),
-			InsecureRegistry:            c.String("insecure-registry"),
-			Label:                       c.String("label"),
-			LogFormat:                   c.String("log-format"),
-			LogTimestamp:                c.Bool("log-timestamp"),
-			OCILayoutPath:               c.String("oci-layout-path"),
-			PushRetry:                   c.Int("push-retry"),
-			RegistryCertificate:         c.String("registry-certificate"),
-			RegistryClientCert:          c.String("registry-client-cert"),
-			SkipDefaultRegistryFallback: c.Bool("skip-default-registry-fallback"),
-			Reproducible:                c.Bool("reproducible"),
-			SingleSnapshot:              c.Bool("single-snapshot"),
-			SkipTLSVerify:               c.Bool("skip-tls-verify"),
-			SkipPushPermissionCheck:     c.Bool("skip-push-permission-check"),
-			SkipTLSVerifyPull:           c.Bool("skip-tls-verify-pull"),
-			SkipTLSVerifyRegistry:       c.Bool("skip-tls-verify-registry"),
-			UseNewRun:                   c.Bool("use-new-run"),
-			IgnorePath:                  c.String("ignore-path"),
-			ImageFSExtractRetry:         c.Int("image-fs-extract-retry"),
-			ImageDownloadRetry:          c.Int("image-download-retry"),
-		},
-		Artifact: kaniko.Artifact{
-			Tags:         c.StringSlice("tags"),
-			Repo:         c.String("repo"),
-			Registry:     publicUrl, // this is public url on which the artifact can be seen
-			ArtifactFile: c.String("artifact-file"),
-			RegistryType: artifact.Docker,
-		},
-	}
-	if c.IsSet("compressed-caching") {
-		flag := c.Bool("compressed-caching")
-		plugin.Build.CompressedCaching = &flag
-	}
-	if c.IsSet("ignore-var-run") {
-		flag := c.Bool("ignore-var-run")
-		plugin.Build.IgnoreVarRun = &flag
-	}
-	return plugin.Exec()
-}
-
-func setupAuth(tenantId, clientId, cert,
-	clientSecret, subscriptionId, registry, dockerUsername, dockerPassword, dockerRegistry string, noPush bool) (string, error) {
-	if registry == "" {
-		return "", fmt.Errorf("registry must be specified")
-	}
-
-	if noPush {
-		return "", nil
-	}
-
-	// case of client secret or cert based auth
-	if clientId != "" {
-		// only setup auth when pushing or credentials are defined
-
-		token, publicUrl, err := getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry)
-		if err != nil {
-			return "", errors.Wrap(err, "failed to fetch ACR Token")
-		}
-
-		// setup docker config for azure registry and base image docker registry
-		if err := setDockerAuth(username, token, registry, dockerUsername, dockerPassword, dockerRegistry); err != nil {
-			return "", errors.Wrap(err, "failed to create docker config")
-		}
-		return publicUrl, nil
-	} else {
-		return "", fmt.Errorf("managed authentication is not supported")
-	}
-}
-
-func getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry string) (string, string, error) {
-	if tenantId == "" {
-		return "", "", fmt.Errorf("tenantId can't be empty for AAD authentication")
-	}
-
-	if clientId == "" {
-		return "", "", fmt.Errorf("clientId can't be empty for AAD authentication")
-	}
-
-	if clientSecret == "" && cert == "" {
-		return "", "", fmt.Errorf("one of client secret or cert should be defined")
-	}
-
-	// in case of authentication via cert
-	if cert != "" {
-		err := setupACRCert(cert)
-		if err != nil {
-			errors.Wrap(err, "failed to push setup cert file")
-		}
-	}
-
-	if err := os.Setenv(clientIdEnv, clientId); err != nil {
-		return "", "", errors.Wrap(err, "failed to set env variable client Id")
-	}
-	if err := os.Setenv(clientSecretKeyEnv, clientSecret); err != nil {
-		return "", "", errors.Wrap(err, "failed to set env variable client secret")
-	}
-	if err := os.Setenv(tenantKeyEnv, tenantId); err != nil {
-		return "", "", errors.Wrap(err, "failed to set env variable tenant Id")
-	}
-	if err := os.Setenv(certPathEnv, ACRCertPath); err != nil {
-		return "", "", errors.Wrap(err, "failed to set env variable cert path")
-	}
-	env, err := azidentity.NewEnvironmentCredential(nil)
-	if err != nil {
-		return "", "", errors.Wrap(err, "failed to get env credentials from azure")
-	}
-
-	policy := policy.TokenRequestOptions{
-		Scopes: []string{"https://management.azure.com/.default"},
-	}
-	os.Unsetenv(clientIdEnv)
-	os.Unsetenv(clientSecretKeyEnv)
-	os.Unsetenv(tenantKeyEnv)
-	os.Unsetenv(certPathEnv)
-
-	azToken, err := env.GetToken(context.Background(), policy)
-	if err != nil {
-		return "", "", errors.Wrap(err, "failed to fetch access token")
-	}
-
-	publicUrl, err := getPublicUrl(azToken.Token, registry, subscriptionId)
-	if err != nil {
-		// execution should not fail because of this error.
-		fmt.Fprintf(os.Stderr, "failed to get public url with error: %s\n", err)
-	}
-
-	ACRToken, err := fetchACRToken(tenantId, azToken.Token, registry)
-	if err != nil {
-		return "", "", errors.Wrap(err, "failed to fetch ACR token")
-	}
-	return ACRToken, publicUrl, nil
-}
-
-func fetchACRToken(tenantId, token, registry string) (string, error) {
-	formData := url.Values{
-		"grant_type":   {"access_token"},
-		"service":      {registry},
-		"tenant":       {tenantId},
-		"access_token": {token},
-	}
-	jsonResponse, err := http.PostForm(fmt.Sprintf("https://%s/oauth2/exchange", registry), formData)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to fetch ACR token")
-	}
-	var response map[string]interface{}
-	err = json.NewDecoder(jsonResponse.Body).Decode(&response)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to decode oauth exchange response")
-	}
-
-	if x, found := response["refresh_token"]; found {
-		s, ok := x.(string)
-		if !ok {
-			errors.New("failed to cast refresh token from acr")
-		} else {
-			return s, nil
-		}
-	} else {
-		return "", errors.Wrap(err, "refresh token not found in response of oauth exchange call")
-	}
-	return "", errors.New("failed to get refresh token from acr")
-}
-
-func setupACRCert(cert string) error {
-	decoded, err := base64.StdEncoding.DecodeString(cert)
-	if err != nil {
-		return errors.Wrap(err, "failed to base64 decode ACR certificate")
-	}
-	err = ioutil.WriteFile(ACRCertPath, []byte(decoded), 0644)
-	if err != nil {
-		return errors.Wrap(err, "failed to write ACR certificate")
-	}
-	return nil
-}
-
-func getPublicUrl(token, registryUrl, subscriptionId string) (string, error) {
-	// for backward compatibilty, if the subscription id is not defined, do not fail step.
-	if len(subscriptionId) == 0 {
-		return "", nil
-	}
-
-	registry := strings.Split(registryUrl, ".")[0]
-	baseURL := "https://management.azure.com/subscriptions/" +
-		subscriptionId + "/resources?$filter=resourceType%20eq%20'Microsoft.ContainerRegistry/registries'%20and%20name%20eq%20'" +
-		registry + "'&api-version=2021-04-01&$select=id"
-
-	method := "GET"
-	client := &http.Client{}
-
-	cnt := 0
-
-	for {
-		// this is just in case we end up cycling through nextLink's infinitely.
-		// this should not happen - added as a precaution.
-		if cnt > maxPageCount {
-			break
-		}
-		cnt++
-		req, err := http.NewRequest(method, baseURL, nil)
-		if err != nil {
-			return "", errors.Wrap(err, "failed to create request for getting container registry setting")
-		}
-
-		req.Header.Add("Authorization", "Bearer "+token)
-		res, err := client.Do(req)
-		if err != nil {
-			return "", errors.Wrap(err, "failed to send request for getting container registry setting")
-		}
-		defer res.Body.Close()
-
-		var response strct
-		err = json.NewDecoder(res.Body).Decode(&response)
-		if err != nil {
-			return "", errors.Wrap(err, "failed to send request for getting container registry setting")
-		}
-
-		if len(response.Value) > 0 {
-			if response.Value[0].ID == "" { // should not happen
-				return "", errors.New("received empty registry ID from /subscriptions API")
-			}
-			return finalUrl + encodeParam(response.Value[0].ID), nil
-		}
-
-		if response.NextLink == "" {
-			// No more pages, break the loop
-			break
-		}
-
-		baseURL = response.NextLink
-	}
-
-	return "", errors.New("did not receive any registry information from /subscriptions API")
-}
-
-func setDockerAuth(username, password, registry, dockerUsername, dockerPassword, dockerRegistry string) error {
-	dockerConfig := docker.NewConfig()
-	pushToRegistryCreds := docker.RegistryCredentials{
-		Registry: registry,
-		Username: username,
-		Password: password,
-	}
-
-	pullFromRegistryCreds := docker.RegistryCredentials{
-		Registry: dockerRegistry,
-		Username: dockerUsername,
-		Password: dockerPassword,
-	}
-
-	credentials := []docker.RegistryCredentials{pushToRegistryCreds, pullFromRegistryCreds}
-	return dockerConfig.CreateDockerConfig(credentials, dockerConfigPath)
-
-}
-
-func encodeParam(s string) string {
-	return url.QueryEscape(s)
-}
-
-type strct struct {
-	Value []struct {
-		ID string `json:"id"`
-	} `json:"value"`
-	NextLink string `json:"nextLink"` // for pagination
-}

cmd/kaniko-acr/main_test.go

@@ -1,156 +0,0 @@
-package main
-
-import (
-	"encoding/base64"
-	"encoding/json"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"testing"
-
-	"github.com/drone/drone-kaniko/pkg/docker"
-	"github.com/stretchr/testify/assert"
-)
-
-const (
-	v2RegistryURL string = "https://index.docker.io/v2/" // v2 registry is not supported
-)
-
-func TestCreateDockerConfigWithBaseRegistry(t *testing.T) {
-	username := "user1"
-	password := "pass1"
-	registry := "azurecr.io"
-	dockerUsername := "dockeruser"
-	dockerPassword := "dockerpass"
-	dockerRegistry := "https://index.docker.io/v1/"
-	privateRegistry := "privateDockerRegistry"
-	privateRegistryUsername := "priaveUsername"
-	privateRegistryPassword := "privatePassword"
-
-	credentials := []docker.RegistryCredentials{
-		{
-			Registry: registry,
-			Username: username,
-			Password: password,
-		},
-		{
-			Registry: dockerRegistry,
-			Username: dockerUsername,
-			Password: dockerPassword,
-		},
-		{
-			Registry: privateRegistry,
-			Username: privateRegistryUsername,
-			Password: privateRegistryPassword,
-		},
-	}
-
-	tempDir, err := ioutil.TempDir("", "docker-config-test")
-	assert.NoError(t, err)
-	defer os.RemoveAll(tempDir)
-
-	config := docker.NewConfig()
-	err = config.CreateDockerConfig(credentials, tempDir)
-	assert.NoError(t, err)
-
-	expectedAuth := docker.Auth{Auth: base64.StdEncoding.EncodeToString([]byte(username + ":" + password))}
-	assert.Equal(t, expectedAuth, config.Auths[registry])
-
-	expectedDockerAuth := docker.Auth{Auth: base64.StdEncoding.EncodeToString([]byte(dockerUsername + ":" + dockerPassword))}
-	assert.Equal(t, expectedDockerAuth, config.Auths[dockerRegistry])
-
-	configPath := filepath.Join(tempDir, "config.json")
-	data, err := ioutil.ReadFile(configPath)
-	assert.NoError(t, err)
-
-	var configFromFile docker.Config
-	err = json.Unmarshal(data, &configFromFile)
-	assert.NoError(t, err)
-
-	assert.Equal(t, config.Auths, configFromFile.Auths)
-
-	err = config.CreateDockerConfig([]docker.RegistryCredentials{
-		{
-			Registry: registry,
-			Username: "",
-			Password: password,
-		},
-	}, tempDir)
-	assert.EqualError(t, err, "Username must be specified for registry: "+registry)
-
-	err = config.CreateDockerConfig([]docker.RegistryCredentials{
-		{
-			Registry: registry,
-			Username: username,
-			Password: "",
-		},
-	}, tempDir)
-	assert.EqualError(t, err, "Password must be specified for registry: "+registry)
-
-	// v1 registry but without username password
-	err = config.CreateDockerConfig([]docker.RegistryCredentials{
-		{
-			Registry: registry,
-			Username: username,
-			Password: password,
-		},
-		{
-			Registry: dockerRegistry,
-			Username: "",
-			Password: "",
-		},
-	}, tempDir)
-	assert.EqualError(t, err, "Username must be specified for registry: "+dockerRegistry)
-
-	// private base registry without username/password
-	err = config.CreateDockerConfig([]docker.RegistryCredentials{
-		{
-			Registry: privateRegistry,
-			Username: "",
-			Password: "",
-		},
-	}, tempDir)
-	assert.EqualError(t, err, "Username must be specified for registry: "+privateRegistry)
-
-}
-
-func TestCreateDockerConfigWithoutBaseRegistry(t *testing.T) {
-	username := "user1"
-	password := "pass1"
-	registry := "azurecr.io"
-
-	credentials := []docker.RegistryCredentials{
-		{
-			Registry: registry,
-			Username: username,
-			Password: password,
-		},
-	}
-
-	// Create a temporary directory
-	tempDir, err := ioutil.TempDir("", "docker-config-test")
-	assert.NoError(t, err)
-	defer os.RemoveAll(tempDir)
-
-	config := docker.NewConfig()
-	err = config.CreateDockerConfig(credentials, tempDir)
-	assert.NoError(t, err)
-
-	expectedAuth := docker.Auth{Auth: base64.StdEncoding.EncodeToString([]byte(username + ":" + password))}
-	assert.Equal(t, expectedAuth, config.Auths[registry])
-
-	// Check the contents of the config.json file
-	configPath := filepath.Join(tempDir, "config.json")
-	data, err := ioutil.ReadFile(configPath)
-	assert.NoError(t, err)
-
-	var configFromFile docker.Config
-	err = json.Unmarshal(data, &configFromFile)
-	assert.NoError(t, err)
-
-	assert.Equal(t, config.Auths, configFromFile.Auths)
-
-	// Check if the public Docker Hub auth is not set
-	_, exists := config.Auths[""]
-	assert.False(t, exists)
-}

cmd/kaniko-docker/main.go

@@ -1,8 +1,10 @@
 package main
 
 import (
+	"encoding/base64"
+	"fmt"
+	"io/ioutil"
 	"os"
-	"strings"
 
 	"github.com/joho/godotenv"
 	"github.com/pkg/errors"
@@ -10,8 +12,6 @@ import (
 	"github.com/urfave/cli"
 
 	kaniko "github.com/drone/drone-kaniko"
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/docker"
 )
 
 const (
@@ -19,9 +19,8 @@ const (
 	dockerPath       string = "/kaniko/.docker"
 	dockerConfigPath string = "/kaniko/.docker/config.json"
 
-	v1RegistryURL string = "https://index.docker.io/v1/" // Default registry
-
-	defaultDigestFile string = "/kaniko/digest-file"
+	v1Registry string = "https://index.docker.io/v1/" // Default registry
+	v2Registry string = "https://index.docker.io/v2/" // v2 registry is not supported
 )
 
 var (
@@ -31,9 +30,7 @@ var (
 func main() {
 	// Load env-file if it exists first
 	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
-		if err := godotenv.Load(env); err != nil {
-			logrus.Fatal(err)
-		}
+		godotenv.Load(env)
 	}
 
 	app := cli.NewApp()
@@ -54,16 +51,6 @@ func main() {
 			Value:  ".",
 			EnvVar: "PLUGIN_CONTEXT",
 		},
-		cli.StringFlag{
-			Name:   "drone-commit-ref",
-			Usage:  "git commit ref passed by Drone",
-			EnvVar: "DRONE_COMMIT_REF",
-		},
-		cli.StringFlag{
-			Name:   "drone-repo-branch",
-			Usage:  "git repository default branch passed by Drone",
-			EnvVar: "DRONE_REPO_BRANCH",
-		},
 		cli.StringSliceFlag{
 			Name:     "tags",
 			Usage:    "build tags",
@@ -71,31 +58,6 @@ func main() {
 			EnvVar:   "PLUGIN_TAGS",
 			FilePath: ".tags",
 		},
-		cli.BoolFlag{
-			Name:   "expand-repo",
-			Usage:  "Prepends the registry url to the repo if registry url is not specified in repo name",
-			EnvVar: "PLUGIN_EXPAND_REPO",
-		},
-		cli.BoolFlag{
-			Name:   "expand-tag",
-			Usage:  "enable for semver tagging",
-			EnvVar: "PLUGIN_EXPAND_TAG",
-		},
-		cli.BoolFlag{
-			Name:   "auto-tag",
-			Usage:  "enable auto generation of build tags",
-			EnvVar: "PLUGIN_AUTO_TAG",
-		},
-		cli.StringFlag{
-			Name:   "dockerconfig",
-			Usage:  "docker json dockerconfig",
-			EnvVar: "PLUGIN_CONFIG",
-		},
-		cli.StringFlag{
-			Name:   "auto-tag-suffix",
-			Usage:  "the suffix of auto build tags",
-			EnvVar: "PLUGIN_AUTO_TAG_SUFFIX",
-		},
 		cli.StringSliceFlag{
 			Name:   "args",
 			Usage:  "build args",
@@ -118,251 +80,20 @@ func main() {
 		},
 		cli.StringFlag{
 			Name:   "registry",
-			Usage:  "docker registry of registry to push image to",
-			Value:  v1RegistryURL,
+			Usage:  "docker registry",
+			Value:  v1Registry,
 			EnvVar: "PLUGIN_REGISTRY",
 		},
-		cli.StringFlag{
-			Name:   "base-image-registry",
-			Usage:  "Docker registry for base image",
-			EnvVar: "PLUGIN_DOCKER_REGISTRY,PLUGIN_BASE_IMAGE_REGISTRY,DOCKER_REGISTRY",
-		},
-		cli.StringSliceFlag{
-			Name:   "registry-mirrors",
-			Usage:  "docker registry mirrors",
-			EnvVar: "PLUGIN_REGISTRY_MIRRORS",
-		},
 		cli.StringFlag{
 			Name:   "username",
-			Usage:  "docker username of registry to push image to",
+			Usage:  "docker username",
 			EnvVar: "PLUGIN_USERNAME",
 		},
-		cli.StringFlag{
-			Name:   "base-image-username",
-			Usage:  "Docker username for base image registry",
-			EnvVar: "PLUGIN_DOCKER_USERNAME,PLUGIN_BASE_IMAGE_USERNAME,DOCKER_USERNAME",
-		},
 		cli.StringFlag{
 			Name:   "password",
-			Usage:  "docker password of registry to push image to",
+			Usage:  "docker password",
 			EnvVar: "PLUGIN_PASSWORD",
 		},
-		cli.StringFlag{
-			Name:   "base-image-password",
-			Usage:  "Docker password for base image registry",
-			EnvVar: "PLUGIN_DOCKER_PASSWORD,PLUGIN_BASE_IMAGE_PASSWORD,DOCKER_PASSWORD",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify",
-			Usage:  "Skip registry tls verify",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY",
-		},
-		cli.StringFlag{
-			Name:   "snapshot-mode",
-			Usage:  "Specify one of full, redo or time as snapshot mode",
-			EnvVar: "PLUGIN_SNAPSHOT_MODE",
-		},
-		cli.BoolFlag{
-			Name:   "enable-cache",
-			Usage:  "Set this flag to opt into caching with kaniko",
-			EnvVar: "PLUGIN_ENABLE_CACHE",
-		},
-		cli.StringFlag{
-			Name:   "cache-repo",
-			Usage:  "Remote repository that will be used to store cached layers. enable-cache needs to be set to use this flag",
-			EnvVar: "PLUGIN_CACHE_REPO",
-		},
-		cli.IntFlag{
-			Name:   "cache-ttl",
-			Usage:  "Cache timeout in hours. Defaults to two weeks.",
-			EnvVar: "PLUGIN_CACHE_TTL",
-		},
-		cli.StringFlag{
-			Name:   "artifact-file",
-			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
-			EnvVar: "PLUGIN_ARTIFACT_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "no-push",
-			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
-			EnvVar: "PLUGIN_NO_PUSH",
-		},
-		cli.StringFlag{
-			Name:   "tar-path",
-			Usage:  "Set this flag to save the image as a tarball at path",
-			EnvVar: "PLUGIN_TAR_PATH",
-		},
-		cli.StringFlag{
-			Name:   "verbosity",
-			Usage:  "Set this flag with value as oneof <panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
-			EnvVar: "PLUGIN_VERBOSITY",
-		},
-		cli.StringFlag{
-			Name:   "platform",
-			Usage:  "Allows to build with another default platform than the host, similarly to docker build --platform",
-			EnvVar: "PLUGIN_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "skip-unused-stages",
-			Usage:  "build only used stages",
-			EnvVar: "PLUGIN_SKIP_UNUSED_STAGES",
-		},
-		cli.StringFlag{
-			Name:   "output-file",
-			Usage:  "Output file location that will be generated by the plugin. This file will include information of the output that are exported by the plugin.",
-			EnvVar: "DRONE_OUTPUT",
-		},
-		cli.StringFlag{
-			Name:   "cache-dir",
-			Usage:  "Set this flag to specify a local directory cache for base images",
-			EnvVar: "PLUGIN_CACHE_DIR",
-		},
-
-		cli.BoolFlag{
-			Name:   "cache-copy-layers",
-			Usage:  "Enable or disable copying layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_COPY_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cache-run-layers",
-			Usage:  "Enable or disable running layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_RUN_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cleanup",
-			Usage:  "Enable or disable cleanup of temporary files.",
-			EnvVar: "PLUGIN_CLEANUP",
-		},
-		cli.BoolFlag{
-			Name:   "compressed-caching",
-			Usage:  "Enable or disable compressed caching.",
-			EnvVar: "PLUGIN_COMPRESSED_CACHING",
-		},
-		cli.StringFlag{
-			Name:   "context-sub-path",
-			Usage:  "Sub-path within the context to build.",
-			EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
-		},
-		cli.StringFlag{
-			Name:   "custom-platform",
-			Usage:  "Platform to use for building.",
-			EnvVar: "PLUGIN_CUSTOM_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "force",
-			Usage:  "Force building the image even if it already exists.",
-			EnvVar: "PLUGIN_FORCE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-with-digest-file",
-			Usage:  "Write image name with digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_WITH_DIGEST_FILE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-tag-with-digest-file",
-			Usage:  "Write image name with tag and digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_TAG_WITH_DIGEST_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure",
-			Usage:  "Allow connecting to registries without TLS.",
-			EnvVar: "PLUGIN_INSECURE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure-pull",
-			Usage:  "Allow insecure pulls from the registry.",
-			EnvVar: "PLUGIN_INSECURE_PULL",
-		},
-		cli.StringFlag{
-			Name:   "insecure-registry",
-			Usage:  "Use plain HTTP for registry communication.",
-			EnvVar: "PLUGIN_INSECURE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "log-format",
-			Usage:  "Set the log format for build output.",
-			EnvVar: "PLUGIN_LOG_FORMAT",
-		},
-		cli.BoolFlag{
-			Name:   "log-timestamp",
-			Usage:  "Show timestamps in build output.",
-			EnvVar: "PLUGIN_LOG_TIMESTAMP",
-		},
-		cli.StringFlag{
-			Name:   "oci-layout-path",
-			Usage:  "Directory to store OCI layout.",
-			EnvVar: "PLUGIN_OCI_LAYOUT_PATH",
-		},
-		cli.IntFlag{
-			Name:   "push-retry",
-			Usage:  "Number of times to retry pushing an image.",
-			EnvVar: "PLUGIN_PUSH_RETRY",
-		},
-		cli.StringFlag{
-			Name:   "registry-certificate",
-			Usage:  "Path to a file containing a registry certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "registry-client-cert",
-			Usage:  "Path to a file containing a registry client certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CLIENT_CERT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-default-registry-fallback",
-			Usage:  "Skip Docker Hub and default registry fallback.",
-			EnvVar: "PLUGIN_SKIP_DEFAULT_REGISTRY_FALLBACK",
-		},
-		cli.BoolFlag{
-			Name:   "reproducible",
-			Usage:  "Create a reproducible image.",
-			EnvVar: "PLUGIN_REPRODUCIBLE",
-		},
-		cli.BoolFlag{
-			Name:   "single-snapshot",
-			Usage:  "Only create a single snapshot of the image.",
-			EnvVar: "PLUGIN_SINGLE_SNAPSHOT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-push-permission-check",
-			Usage:  "Skip permission check when pushing.",
-			EnvVar: "PLUGIN_SKIP_PUSH_PERMISSION_CHECK",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-pull",
-			Usage:  "Skip TLS verification when pulling.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_PULL",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-registry",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_REGISTRY",
-		},
-		cli.BoolFlag{
-			Name:   "use-new-run",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_USE_NEW_RUN",
-		},
-		cli.BoolFlag{
-			Name:   "ignore-var-run",
-			Usage:  "Ignore the /var/run directory during build.",
-			EnvVar: "PLUGIN_IGNORE_VAR_RUN",
-		},
-		cli.StringFlag{
-			Name:   "ignore-path",
-			Usage:  "Path to ignore during the build.",
-			EnvVar: "PLUGIN_IGNORE_PATH",
-		},
-		cli.IntFlag{
-			Name:   "image-fs-extract-retry",
-			Usage:  "Number of retries for extracting filesystem layers.",
-			EnvVar: "PLUGIN_IMAGE_FS_EXTRACT_RETRY",
-		},
-		cli.IntFlag{
-			Name:   "image-download-retry",
-			Usage:  "Number of retries for downloading base images.",
-			EnvVar: "PLUGIN_IMAGE_DOWNLOAD_RETRY",
-		},
 	}
 
 	if err := app.Run(os.Args); err != nil {
@@ -371,142 +102,54 @@ func main() {
 }
 
 func run(c *cli.Context) error {
-	username := c.String("username")
-	noPush := c.Bool("no-push")
-	configOverride := c.String("dockerconfig")
-	// if configOverride is provided, use this directly to write to docker config file
-	if len(configOverride) > 0 {
-		if err := docker.WriteDockerConfig([]byte(configOverride), dockerPath); err != nil {
-			return err
-		}
-	} else if !noPush || username != "" {
-		// setup auth when pushing/pulling or credentials are defined and docker config override is false
-		err := setDockerAuth(
-			c.String("username"),
-			c.String("password"),
-			c.String("registry"),
-			c.String("base-image-username"),
-			c.String("base-image-password"),
-			c.String("base-image-registry"),
-		)
-		if err != nil {
-			return errors.Wrap(err, "failed to create docker config")
-		}
+	err := createDockerCfgFile(c.String("username"), c.String("password"), c.String("registry"))
+	if err != nil {
+		return err
 	}
 
 	plugin := kaniko.Plugin{
 		Build: kaniko.Build{
-			DroneCommitRef:              c.String("drone-commit-ref"),
-			DroneRepoBranch:             c.String("drone-repo-branch"),
-			Dockerfile:                  c.String("dockerfile"),
-			Context:                     c.String("context"),
-			Tags:                        c.StringSlice("tags"),
-			AutoTag:                     c.Bool("auto-tag"),
-			AutoTagSuffix:               c.String("auto-tag-suffix"),
-			ExpandTag:                   c.Bool("expand-tag"),
-			Args:                        c.StringSlice("args"),
-			Target:                      c.String("target"),
-			Repo:                        buildRepo(c.String("registry"), c.String("repo"), c.Bool("expand-repo")),
-			Mirrors:                     c.StringSlice("registry-mirrors"),
-			Labels:                      c.StringSlice("custom-labels"),
-			SkipTlsVerify:               c.Bool("skip-tls-verify"),
-			SnapshotMode:                c.String("snapshot-mode"),
-			EnableCache:                 c.Bool("enable-cache"),
-			CacheRepo:                   buildRepo(c.String("registry"), c.String("cache-repo"), c.Bool("expand-repo")),
-			CacheTTL:                    c.Int("cache-ttl"),
-			DigestFile:                  defaultDigestFile,
-			NoPush:                      noPush,
-			TarPath:                     c.String("tar-path"),
-			Verbosity:                   c.String("verbosity"),
-			Platform:                    c.String("platform"),
-			SkipUnusedStages:            c.Bool("skip-unused-stages"),
-			CacheDir:                    c.String("cache-dir"),
-			CacheCopyLayers:             c.Bool("cache-copy-layers"),
-			CacheRunLayers:              c.Bool("cache-run-layers"),
-			Cleanup:                     c.Bool("cleanup"),
-			ContextSubPath:              c.String("context-sub-path"),
-			CustomPlatform:              c.String("custom-platform"),
-			Force:                       c.Bool("force"),
-			ImageNameWithDigestFile:     c.String("image-name-with-digest-file"),
-			ImageNameTagWithDigestFile:  c.String("image-name-tag-with-digest-file"),
-			Insecure:                    c.Bool("insecure"),
-			InsecurePull:                c.Bool("insecure-pull"),
-			InsecureRegistry:            c.String("insecure-registry"),
-			Label:                       c.String("label"),
-			LogFormat:                   c.String("log-format"),
-			LogTimestamp:                c.Bool("log-timestamp"),
-			OCILayoutPath:               c.String("oci-layout-path"),
-			PushRetry:                   c.Int("push-retry"),
-			RegistryCertificate:         c.String("registry-certificate"),
-			RegistryClientCert:          c.String("registry-client-cert"),
-			SkipDefaultRegistryFallback: c.Bool("skip-default-registry-fallback"),
-			Reproducible:                c.Bool("reproducible"),
-			SingleSnapshot:              c.Bool("single-snapshot"),
-			SkipTLSVerify:               c.Bool("skip-tls-verify"),
-			SkipPushPermissionCheck:     c.Bool("skip-push-permission-check"),
-			SkipTLSVerifyPull:           c.Bool("skip-tls-verify-pull"),
-			SkipTLSVerifyRegistry:       c.Bool("skip-tls-verify-registry"),
-			UseNewRun:                   c.Bool("use-new-run"),
-			IgnorePath:                  c.String("ignore-path"),
-
-			ImageFSExtractRetry: c.Int("image-fs-extract-retry"),
-			ImageDownloadRetry:  c.Int("image-download-retry"),
+			Dockerfile: c.String("dockerfile"),
+			Context:    c.String("context"),
+			Tags:       c.StringSlice("tags"),
+			Args:       c.StringSlice("args"),
+			Target:     c.String("target"),
+			Repo:       c.String("repo"),
+			Labels:     c.StringSlice("custom-labels"),
 		},
-		Artifact: kaniko.Artifact{
-			Tags:         c.StringSlice("tags"),
-			Repo:         buildRepo(c.String("registry"), c.String("repo"), c.Bool("expand-repo")),
-			Registry:     c.String("registry"),
-			ArtifactFile: c.String("artifact-file"),
-			RegistryType: artifact.Docker,
-		},
-		Output: kaniko.Output{
-			OutputFile: c.String("output-file"),
-		},
-	}
-	if c.IsSet("compressed-caching") {
-		flag := c.Bool("compressed-caching")
-		plugin.Build.CompressedCaching = &flag
-	}
-	if c.IsSet("ignore-var-run") {
-		flag := c.Bool("ignore-var-run")
-		plugin.Build.IgnoreVarRun = &flag
 	}
 	return plugin.Exec()
 }
 
-func setDockerAuth(username, password, registry, baseImageUsername, baseImagePassword, baseImageRegistry string) error {
-	dockerConfig := docker.NewConfig()
-	pushToRegistryCreds := docker.RegistryCredentials{
-		Registry: registry,
-		Username: username,
-		Password: password,
+// Create the docker config file for authentication
+func createDockerCfgFile(username, password, registry string) error {
+	if username == "" {
+		return fmt.Errorf("Username must be specified")
+	}
+	if password == "" {
+		return fmt.Errorf("Password must be specified")
+	}
+	if registry == "" {
+		return fmt.Errorf("Registry must be specified")
 	}
-	credentials := []docker.RegistryCredentials{pushToRegistryCreds}
 
-	if baseImageRegistry != "" {
-		pullFromRegistryCreds := docker.RegistryCredentials{
-			Registry: baseImageRegistry,
-			Username: baseImageUsername,
-			Password: baseImagePassword,
-		}
-		credentials = append(credentials, pullFromRegistryCreds)
+	if registry == v2Registry {
+		fmt.Println("Docker v2 registry is not supported in kaniko. Refer issue: https://github.com/GoogleContainerTools/kaniko/issues/1209")
+		fmt.Printf("Using v1 registry instead: %s\n", v1Registry)
+		registry = v1Registry
 	}
-	// Creates docker config for both the regustries used for authentication
-	return dockerConfig.CreateDockerConfig(credentials, dockerPath)
-}
 
-func buildRepo(registry, repo string, expandRepo bool) string {
-	if !expandRepo || registry == "" || registry == v1RegistryURL {
-		// No custom registry, just return the repo name
-		return repo
+	err := os.MkdirAll(dockerPath, 0600)
+	if err != nil {
+		return errors.Wrap(err, fmt.Sprintf("failed to create %s directory", dockerPath))
 	}
-	// Trim off trailing slash to prevent double slash when combining with repo
-	registry = strings.TrimSuffix(registry, "/")
-	if strings.HasPrefix(repo, registry+"/") {
-		// Repo already includes the registry prefix
-		// For backward compatibility, we won't add the prefix again.
-		return repo
+
+	authBytes := []byte(fmt.Sprintf("%s:%s", username, password))
+	encodedString := base64.StdEncoding.EncodeToString(authBytes)
+	jsonBytes := []byte(fmt.Sprintf(`{"auths": {"%s": {"auth": "%s"}}}`, registry, encodedString))
+	err = ioutil.WriteFile(dockerConfigPath, jsonBytes, 0644)
+	if err != nil {
+		return errors.Wrap(err, "failed to create docker config file")
 	}
-	// Prefix the repo with the registry
-	return registry + "/" + repo
+	return nil
 }

cmd/kaniko-docker/main_test.go

@@ -1,123 +0,0 @@
-package main
-
-import (
-	"io/ioutil"
-	"os"
-	"testing"
-
-	"github.com/drone/drone-kaniko/pkg/docker"
-)
-
-func Test_buildRepo(t *testing.T) {
-	tests := []struct {
-		name     string
-		registry string
-		repo     string
-		want     string
-	}{
-		{
-			name: "dockerhub",
-			repo: "golang",
-			want: "golang",
-		},
-		{
-			name:     "internal",
-			registry: "artifactory.example.com",
-			repo:     "service",
-			want:     "artifactory.example.com/service",
-		},
-		{
-			name:     "backward_compatibility",
-			registry: "artifactory.example.com",
-			repo:     "artifactory.example.com/service",
-			want:     "artifactory.example.com/service",
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			if got := buildRepo(tt.registry, tt.repo, true); got != tt.want {
-				t.Errorf("buildRepo(%q, %q) = %v, want %v", tt.registry, tt.repo, got, tt.want)
-			}
-		})
-	}
-}
-
-func TestCreateDockerConfig(t *testing.T) {
-	config := docker.NewConfig()
-	tempDir, err := ioutil.TempDir("", "docker-config-test")
-	if err != nil {
-		t.Fatalf("Failed to create temporary directory: %v", err)
-	}
-	defer os.RemoveAll(tempDir)
-
-	tests := []struct {
-		name        string
-		credentials []docker.RegistryCredentials
-		wantErr     bool
-	}{
-		{
-			name: "valid credentials",
-			credentials: []docker.RegistryCredentials{
-				{
-					Registry: "https://index.docker.io/v1/",
-					Username: "testuser",
-					Password: "testpassword",
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "v2 registry",
-			credentials: []docker.RegistryCredentials{
-				{
-					Registry: "https://index.docker.io/v2/",
-					Username: "testuser",
-					Password: "testpassword",
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "docker registry credentials",
-			credentials: []docker.RegistryCredentials{
-				{
-					Registry: "https://index.docker.io/v1/",
-					Username: "testuser",
-					Password: "testpassword",
-				},
-				{
-					Registry: "https://docker.io",
-					Username: "dockeruser",
-					Password: "dockerpassword",
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "empty docker registry",
-			credentials: []docker.RegistryCredentials{
-				{
-					Registry: "https://index.docker.io/v1/",
-					Username: "testuser",
-					Password: "testpassword",
-				},
-				{
-					Registry: "https://docker.io",
-					Username: "dockeruser",
-					Password: "",
-				},
-			},
-			wantErr: true,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			err := config.CreateDockerConfig(tt.credentials, tempDir)
-			if (err != nil) != tt.wantErr {
-				t.Errorf("CreateDockerConfig() error = %v, wantErr %v", err, tt.wantErr)
-				return
-			}
-		})
-	}
-}

cmd/kaniko-ecr/main.go

@@ -1,62 +1,39 @@
 package main
 
 import (
-	"context"
-	"encoding/base64"
 	"fmt"
 	"io/ioutil"
 	"os"
-	"strings"
 
-	"github.com/aws/aws-sdk-go-v2/aws"
-	"github.com/aws/aws-sdk-go-v2/config"
-	"github.com/aws/aws-sdk-go-v2/service/ecr"
-	"github.com/aws/aws-sdk-go-v2/service/ecrpublic"
-	awsv1 "github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
-	"github.com/aws/aws-sdk-go/aws/session"
-	ecrv1 "github.com/aws/aws-sdk-go/service/ecr"
-	ecrpublicv1 "github.com/aws/aws-sdk-go/service/ecrpublic"
-	"github.com/aws/smithy-go"
-	"github.com/hashicorp/go-version"
 	"github.com/joho/godotenv"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 
 	kaniko "github.com/drone/drone-kaniko"
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/docker"
 )
 
 const (
 	accessKeyEnv     string = "AWS_ACCESS_KEY_ID"
-	dockerConfigPath string = "/kaniko/.docker"
 	secretKeyEnv     string = "AWS_SECRET_ACCESS_KEY"
-	ecrPublicDomain  string = "public.ecr.aws"
-	kanikoVersionEnv string = "KANIKO_VERSION"
-
-	oneDotEightVersion string = "1.8.0"
-	defaultDigestFile  string = "/kaniko/digest-file"
+	dockerConfigPath string = "/kaniko/.docker/config.json"
 )
 
 var (
-	pluginVersion = "unknown"
+	version = "unknown"
 )
 
 func main() {
 	// Load env-file if it exists first
 	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
-		if err := godotenv.Load(env); err != nil {
-			logrus.Fatal(err)
-		}
+		godotenv.Load(env)
 	}
 
 	app := cli.NewApp()
 	app.Name = "kaniko docker plugin"
 	app.Usage = "kaniko docker plugin"
 	app.Action = run
-	app.Version = pluginVersion
+	app.Version = version
 	app.Flags = []cli.Flag{
 		cli.StringFlag{
 			Name:   "dockerfile",
@@ -64,37 +41,12 @@ func main() {
 			Value:  "Dockerfile",
 			EnvVar: "PLUGIN_DOCKERFILE",
 		},
-		cli.StringFlag{
-			Name:   "docker-registry",
-			Usage:  "Docker registry for base image",
-			EnvVar: "PLUGIN_DOCKER_REGISTRY,DOCKER_REGISTRY,PLUGIN_BASE_IMAGE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "docker-username",
-			Usage:  "Docker username for base image registry",
-			EnvVar: "PLUGIN_USERNAME,PLUGIN_DOCKER_USERNAME,PLUGIN_BASE_IMAGE_USERNAME,DOCKER_USERNAME",
-		},
-		cli.StringFlag{
-			Name:   "docker-password",
-			Usage:  "Docker password for base image registry",
-			EnvVar: "PLUGIN_PASSWORD,PLUGIN_DOCKER_PASSWORD,PLUGIN_BASE_IMAGE_PASSWORD,DOCKER_PASSWORD",
-		},
 		cli.StringFlag{
 			Name:   "context",
 			Usage:  "build context",
 			Value:  ".",
 			EnvVar: "PLUGIN_CONTEXT",
 		},
-		cli.StringFlag{
-			Name:   "drone-commit-ref",
-			Usage:  "git commit ref passed by Drone",
-			EnvVar: "DRONE_COMMIT_REF",
-		},
-		cli.StringFlag{
-			Name:   "drone-repo-branch",
-			Usage:  "git repository default branch passed by Drone",
-			EnvVar: "DRONE_REPO_BRANCH",
-		},
 		cli.StringSliceFlag{
 			Name:     "tags",
 			Usage:    "build tags",
@@ -102,21 +54,6 @@ func main() {
 			EnvVar:   "PLUGIN_TAGS",
 			FilePath: ".tags",
 		},
-		cli.BoolFlag{
-			Name:   "expand-tag",
-			Usage:  "enable for semver tagging",
-			EnvVar: "PLUGIN_EXPAND_TAG",
-		},
-		cli.BoolFlag{
-			Name:   "auto-tag",
-			Usage:  "enable auto generation of build tags",
-			EnvVar: "PLUGIN_AUTO_TAG",
-		},
-		cli.StringFlag{
-			Name:   "auto-tag-suffix",
-			Usage:  "the suffix of auto build tags",
-			EnvVar: "PLUGIN_AUTO_TAG_SUFFIX",
-		},
 		cli.StringSliceFlag{
 			Name:   "args",
 			Usage:  "build args",
@@ -132,17 +69,6 @@ func main() {
 			Usage:  "docker repository",
 			EnvVar: "PLUGIN_REPO",
 		},
-		cli.BoolFlag{
-			Name:   "create-repository",
-			Usage:  "create ECR repository",
-			EnvVar: "PLUGIN_CREATE_REPOSITORY",
-		},
-		cli.StringFlag{
-			Name:   "region",
-			Usage:  "AWS region",
-			Value:  "us-east-1",
-			EnvVar: "PLUGIN_REGION",
-		},
 		cli.StringSliceFlag{
 			Name:   "custom-labels",
 			Usage:  "additional k=v labels",
@@ -153,11 +79,6 @@ func main() {
 			Usage:  "ECR registry",
 			EnvVar: "PLUGIN_REGISTRY",
 		},
-		cli.StringSliceFlag{
-			Name:   "registry-mirrors",
-			Usage:  "docker registry mirrors",
-			EnvVar: "PLUGIN_REGISTRY_MIRRORS",
-		},
 		cli.StringFlag{
 			Name:   "access-key",
 			Usage:  "ECR access key",
@@ -168,222 +89,6 @@ func main() {
 			Usage:  "ECR secret key",
 			EnvVar: "PLUGIN_SECRET_KEY",
 		},
-		cli.StringFlag{
-			Name:   "assume-role",
-			Usage:  "Assume a role",
-			EnvVar: "PLUGIN_ASSUME_ROLE",
-		},
-		cli.StringFlag{
-			Name:   "external-id",
-			Usage:  "Used along with assume role to assume a role",
-			EnvVar: "PLUGIN_EXTERNAL_ID",
-		},
-		cli.StringFlag{
-			Name:   "snapshot-mode",
-			Usage:  "Specify one of full, redo or time as snapshot mode",
-			EnvVar: "PLUGIN_SNAPSHOT_MODE",
-		},
-		cli.StringFlag{
-			Name:   "lifecycle-policy",
-			Usage:  "Path to lifecycle policy file",
-			EnvVar: "PLUGIN_LIFECYCLE_POLICY",
-		},
-		cli.StringFlag{
-			Name:   "repository-policy",
-			Usage:  "Path to repository policy file",
-			EnvVar: "PLUGIN_REPOSITORY_POLICY",
-		},
-		cli.BoolFlag{
-			Name:   "enable-cache",
-			Usage:  "Set this flag to opt into caching with kaniko",
-			EnvVar: "PLUGIN_ENABLE_CACHE",
-		},
-		cli.StringFlag{
-			Name:   "cache-repo",
-			Usage:  "Remote repository that will be used to store cached layers. Cache repo should be present in specified registry. enable-cache needs to be set to use this flag",
-			EnvVar: "PLUGIN_CACHE_REPO",
-		},
-		cli.IntFlag{
-			Name:   "cache-ttl",
-			Usage:  "Cache timeout in hours. Defaults to two weeks.",
-			EnvVar: "PLUGIN_CACHE_TTL",
-		},
-		cli.StringFlag{
-			Name:   "artifact-file",
-			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
-			EnvVar: "PLUGIN_ARTIFACT_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "no-push",
-			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
-			EnvVar: "PLUGIN_NO_PUSH",
-		},
-		cli.StringFlag{
-			Name:   "verbosity",
-			Usage:  "Set this flag with value as oneof <panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
-			EnvVar: "PLUGIN_VERBOSITY",
-		},
-		cli.StringFlag{
-			Name:   "platform",
-			Usage:  "Allows to build with another default platform than the host, similarly to docker build --platform",
-			EnvVar: "PLUGIN_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "skip-unused-stages",
-			Usage:  "build only used stages",
-			EnvVar: "PLUGIN_SKIP_UNUSED_STAGES",
-		},
-		cli.StringFlag{
-			Name:   "cache-dir",
-			Usage:  "Set this flag to specify a local directory cache for base images",
-			EnvVar: "PLUGIN_CACHE_DIR",
-		},
-
-		cli.BoolFlag{
-			Name:   "cache-copy-layers",
-			Usage:  "Enable or disable copying layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_COPY_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cache-run-layers",
-			Usage:  "Enable or disable running layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_RUN_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cleanup",
-			Usage:  "Enable or disable cleanup of temporary files.",
-			EnvVar: "PLUGIN_CLEANUP",
-		},
-		cli.BoolFlag{
-			Name:   "compressed-caching",
-			Usage:  "Enable or disable compressed caching.",
-			EnvVar: "PLUGIN_COMPRESSED_CACHING",
-		},
-		cli.StringFlag{
-			Name:   "context-sub-path",
-			Usage:  "Sub-path within the context to build.",
-			EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
-		},
-		cli.StringFlag{
-			Name:   "custom-platform",
-			Usage:  "Platform to use for building.",
-			EnvVar: "PLUGIN_CUSTOM_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "force",
-			Usage:  "Force building the image even if it already exists.",
-			EnvVar: "PLUGIN_FORCE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-with-digest-file",
-			Usage:  "Write image name with digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_WITH_DIGEST_FILE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-tag-with-digest-file",
-			Usage:  "Write image name with tag and digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_TAG_WITH_DIGEST_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure",
-			Usage:  "Allow connecting to registries without TLS.",
-			EnvVar: "PLUGIN_INSECURE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure-pull",
-			Usage:  "Allow insecure pulls from the registry.",
-			EnvVar: "PLUGIN_INSECURE_PULL",
-		},
-		cli.StringFlag{
-			Name:   "insecure-registry",
-			Usage:  "Use plain HTTP for registry communication.",
-			EnvVar: "PLUGIN_INSECURE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "log-format",
-			Usage:  "Set the log format for build output.",
-			EnvVar: "PLUGIN_LOG_FORMAT",
-		},
-		cli.BoolFlag{
-			Name:   "log-timestamp",
-			Usage:  "Show timestamps in build output.",
-			EnvVar: "PLUGIN_LOG_TIMESTAMP",
-		},
-		cli.StringFlag{
-			Name:   "oci-layout-path",
-			Usage:  "Directory to store OCI layout.",
-			EnvVar: "PLUGIN_OCI_LAYOUT_PATH",
-		},
-		cli.IntFlag{
-			Name:   "push-retry",
-			Usage:  "Number of times to retry pushing an image.",
-			EnvVar: "PLUGIN_PUSH_RETRY",
-		},
-		cli.StringFlag{
-			Name:   "registry-certificate",
-			Usage:  "Path to a file containing a registry certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "registry-client-cert",
-			Usage:  "Path to a file containing a registry client certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CLIENT_CERT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-default-registry-fallback",
-			Usage:  "Skip Docker Hub and default registry fallback.",
-			EnvVar: "PLUGIN_SKIP_DEFAULT_REGISTRY_FALLBACK",
-		},
-		cli.BoolFlag{
-			Name:   "reproducible",
-			Usage:  "Create a reproducible image.",
-			EnvVar: "PLUGIN_REPRODUCIBLE",
-		},
-		cli.BoolFlag{
-			Name:   "single-snapshot",
-			Usage:  "Only create a single snapshot of the image.",
-			EnvVar: "PLUGIN_SINGLE_SNAPSHOT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-push-permission-check",
-			Usage:  "Skip permission check when pushing.",
-			EnvVar: "PLUGIN_SKIP_PUSH_PERMISSION_CHECK",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-pull",
-			Usage:  "Skip TLS verification when pulling.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_PULL",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-registry",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_REGISTRY",
-		},
-		cli.BoolFlag{
-			Name:   "use-new-run",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_USE_NEW_RUN",
-		},
-		cli.BoolFlag{
-			Name:   "ignore-var-run",
-			Usage:  "Ignore the /var/run directory during build.",
-			EnvVar: "PLUGIN_IGNORE_VAR_RUN",
-		},
-		cli.StringFlag{
-			Name:   "ignore-path",
-			Usage:  "Path to ignore during the build.",
-			EnvVar: "PLUGIN_IGNORE_PATH",
-		},
-		cli.IntFlag{
-			Name:   "image-fs-extract-retry",
-			Usage:  "Number of retries for extracting filesystem layers.",
-			EnvVar: "PLUGIN_IMAGE_FS_EXTRACT_RETRY",
-		},
-		cli.IntFlag{
-			Name:   "image-download-retry",
-			Usage:  "Number of retries for downloading base images.",
-			EnvVar: "PLUGIN_IMAGE_DOWNLOAD_RETRY",
-		},
 	}
 
 	if err := app.Run(os.Args); err != nil {
@@ -392,382 +97,47 @@ func main() {
 }
 
 func run(c *cli.Context) error {
-	repo := c.String("repo")
-	registry := c.String("registry")
-	region := c.String("region")
-	noPush := c.Bool("no-push")
-	assumeRole := c.String("assume-role")
-	externalId := c.String("external-id")
-
-	// setup docker config for azure registry and base image docker registry
-	err := setDockerAuth(
-		c.String("docker-registry"),
-		c.String("docker-username"),
-		c.String("docker-password"),
-		c.String("access-key"),
-		c.String("secret-key"),
-		registry,
-		assumeRole,
-		externalId,
-		region,
-		noPush,
-	)
+	err := setupECRAuth(c.String("access-key"), c.String("secret-key"), c.String("registry"))
 	if err != nil {
-		return errors.Wrap(err, "failed to create docker config")
-	}
-
-	// only create repository when pushing and create-repository is true
-	if !noPush && c.Bool("create-repository") {
-		if err := createRepository(region, repo, registry, assumeRole, externalId); err != nil {
-			return err
-		}
-	}
-
-	if c.IsSet("lifecycle-policy") {
-		contents, err := ioutil.ReadFile(c.String("lifecycle-policy"))
-		if err != nil {
-			logrus.Fatal(err)
-		}
-		if err := uploadLifeCyclePolicy(region, repo, string(contents), assumeRole, externalId); err != nil {
-			logrus.Fatal(fmt.Sprintf("error uploading ECR lifecycle policy: %v", err))
-		}
-	}
-
-	if c.IsSet("repository-policy") {
-		contents, err := ioutil.ReadFile(c.String("repository-policy"))
-		if err != nil {
-			logrus.Fatal(err)
-		}
-		if err := uploadRepositoryPolicy(region, repo, registry, string(contents), assumeRole, externalId); err != nil {
-			logrus.Fatal(fmt.Sprintf("error uploading ECR lifecycle policy: %v", err))
-		}
+		return err
 	}
 
 	plugin := kaniko.Plugin{
 		Build: kaniko.Build{
-			DroneCommitRef:              c.String("drone-commit-ref"),
-			DroneRepoBranch:             c.String("drone-repo-branch"),
-			Dockerfile:                  c.String("dockerfile"),
-			Context:                     c.String("context"),
-			Tags:                        c.StringSlice("tags"),
-			AutoTag:                     c.Bool("auto-tag"),
-			AutoTagSuffix:               c.String("auto-tag-suffix"),
-			ExpandTag:                   c.Bool("expand-tag"),
-			Args:                        c.StringSlice("args"),
-			Target:                      c.String("target"),
-			Repo:                        fmt.Sprintf("%s/%s", c.String("registry"), c.String("repo")),
-			Mirrors:                     c.StringSlice("registry-mirrors"),
-			Labels:                      c.StringSlice("custom-labels"),
-			SnapshotMode:                c.String("snapshot-mode"),
-			EnableCache:                 c.Bool("enable-cache"),
-			CacheRepo:                   fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
-			CacheTTL:                    c.Int("cache-ttl"),
-			DigestFile:                  defaultDigestFile,
-			NoPush:                      noPush,
-			Verbosity:                   c.String("verbosity"),
-			Platform:                    c.String("platform"),
-			SkipUnusedStages:            c.Bool("skip-unused-stages"),
-			CacheDir:                    c.String("cache-dir"),
-			CacheCopyLayers:             c.Bool("cache-copy-layers"),
-			CacheRunLayers:              c.Bool("cache-run-layers"),
-			Cleanup:                     c.Bool("cleanup"),
-			ContextSubPath:              c.String("context-sub-path"),
-			CustomPlatform:              c.String("custom-platform"),
-			Force:                       c.Bool("force"),
-			ImageNameWithDigestFile:     c.String("image-name-with-digest-file"),
-			ImageNameTagWithDigestFile:  c.String("image-name-tag-with-digest-file"),
-			Insecure:                    c.Bool("insecure"),
-			InsecurePull:                c.Bool("insecure-pull"),
-			InsecureRegistry:            c.String("insecure-registry"),
-			Label:                       c.String("label"),
-			LogFormat:                   c.String("log-format"),
-			LogTimestamp:                c.Bool("log-timestamp"),
-			OCILayoutPath:               c.String("oci-layout-path"),
-			PushRetry:                   c.Int("push-retry"),
-			RegistryCertificate:         c.String("registry-certificate"),
-			RegistryClientCert:          c.String("registry-client-cert"),
-			SkipDefaultRegistryFallback: c.Bool("skip-default-registry-fallback"),
-			Reproducible:                c.Bool("reproducible"),
-			SingleSnapshot:              c.Bool("single-snapshot"),
-			SkipTLSVerify:               c.Bool("skip-tls-verify"),
-			SkipPushPermissionCheck:     c.Bool("skip-push-permission-check"),
-			SkipTLSVerifyPull:           c.Bool("skip-tls-verify-pull"),
-			SkipTLSVerifyRegistry:       c.Bool("skip-tls-verify-registry"),
-			UseNewRun:                   c.Bool("use-new-run"),
-			IgnorePath:                  c.String("ignore-path"),
-			ImageFSExtractRetry:         c.Int("image-fs-extract-retry"),
-			ImageDownloadRetry:          c.Int("image-download-retry"),
+			Dockerfile: c.String("dockerfile"),
+			Context:    c.String("context"),
+			Tags:       c.StringSlice("tags"),
+			Args:       c.StringSlice("args"),
+			Target:     c.String("target"),
+			Repo:       fmt.Sprintf("%s/%s", c.String("registry"), c.String("repo")),
+			Labels:     c.StringSlice("custom-labels"),
 		},
-		Artifact: kaniko.Artifact{
-			Tags:         c.StringSlice("tags"),
-			Repo:         c.String("repo"),
-			Registry:     c.String("registry"),
-			ArtifactFile: c.String("artifact-file"),
-			RegistryType: artifact.ECR,
-		},
-	}
-	if c.IsSet("compressed-caching") {
-		flag := c.Bool("compressed-caching")
-		plugin.Build.CompressedCaching = &flag
-	}
-	if c.IsSet("ignore-var-run") {
-		flag := c.Bool("ignore-var-run")
-		plugin.Build.IgnoreVarRun = &flag
 	}
 	return plugin.Exec()
 }
 
-func setDockerAuth(dockerRegistry, dockerUsername, dockerPassword, accessKey, secretKey,
-	registry, assumeRole, externalId, region string, noPush bool) error {
-	dockerConfig := docker.NewConfig()
-	credentials := []docker.RegistryCredentials{}
-	// set docker credentials for base image registry
-	if dockerRegistry != "" {
-		pullFromRegistryCreds := docker.RegistryCredentials{
-			Registry: dockerRegistry,
-			Username: dockerUsername,
-			Password: dockerPassword,
-		}
-		credentials = append(credentials, pullFromRegistryCreds)
-	}
-
-	if assumeRole != "" {
-		var err error
-		username, password, registry, err := getAssumeRoleCreds(region, assumeRole, externalId, "")
-		if err != nil {
-			return err
-		}
-		pushToRegistryCreds := docker.RegistryCredentials{
-			Registry: registry,
-			Username: username,
-			Password: password,
-		}
-		credentials = append(credentials, pushToRegistryCreds)
-
-	} else if !noPush || accessKey != "" {
-		// only setup auth when pushing or credentials are defined
-		if registry == "" {
-			return fmt.Errorf("registry must be specified")
-		}
-
-		// If IAM role is used, access key & secret key are not required
-		if accessKey != "" && secretKey != "" {
-			err := os.Setenv(accessKeyEnv, accessKey)
-			if err != nil {
-				return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", accessKeyEnv))
-			}
-
-			err = os.Setenv(secretKeyEnv, secretKey)
-			if err != nil {
-				return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", secretKeyEnv))
-			}
-		}
-
-		// kaniko-executor >=1.8.0 does not require additional cred helper logic for ECR,
-		// as it discovers ECR repositories automatically and acts accordingly.
-		if isKanikoVersionBelowOneDotEight(os.Getenv(kanikoVersionEnv)) {
-			dockerConfig.SetCredHelper(ecrPublicDomain, "ecr-login")
-			dockerConfig.SetCredHelper(registry, "ecr-login")
-		}
-	}
-	return dockerConfig.CreateDockerConfig(credentials, dockerConfigPath)
-}
-
-func createRepository(region, repo, registry, assumeRole, externalId string) error {
+func setupECRAuth(accessKey, secretKey, registry string) error {
 	if registry == "" {
-		return fmt.Errorf("registry must be specified")
+		return fmt.Errorf("Registry must be specified")
 	}
 
-	if repo == "" {
-		return fmt.Errorf("repo must be specified")
-	}
-
-	var createErr error
-
-	if assumeRole != "" {
-		if isRegistryPublic(registry) {
-			_, createErr = getAssumeRoleEcrPublicSvc(region, assumeRole, externalId).CreateRepository(&ecrpublicv1.CreateRepositoryInput{RepositoryName: &repo})
-		} else {
-			_, createErr = getAssumeRoleEcrSvc(region, assumeRole, externalId).CreateRepository(&ecrv1.CreateRepositoryInput{RepositoryName: &repo})
-		}
-	} else {
-		cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(region))
+	// If IAM role is used, access key & secret key are not required
+	if accessKey != "" && secretKey != "" {
+		err := os.Setenv(accessKeyEnv, accessKey)
 		if err != nil {
-			return errors.Wrap(err, "failed to load aws config")
+			return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", accessKeyEnv))
 		}
-		//create public repo
-		//if registry string starts with public domain (ex: public.ecr.aws/example-registry)
-		if isRegistryPublic(registry) {
-			svc := ecrpublic.NewFromConfig(cfg)
-			_, createErr = svc.CreateRepository(context.TODO(), &ecrpublic.CreateRepositoryInput{RepositoryName: &repo})
-			//create private repo
-		} else {
-			svc := ecr.NewFromConfig(cfg)
-			_, createErr = svc.CreateRepository(context.TODO(), &ecr.CreateRepositoryInput{RepositoryName: &repo})
+
+		err = os.Setenv(secretKeyEnv, secretKey)
+		if err != nil {
+			return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", secretKeyEnv))
 		}
 	}
 
-	var apiError smithy.APIError
-	if errors.As(createErr, &apiError) && apiError.ErrorCode() != "RepositoryAlreadyExistsException" {
-		return errors.Wrap(createErr, "failed to create repository")
+	jsonBytes := []byte(fmt.Sprintf(`{"credStore": "ecr-login", "credHelpers": {"%s": "ecr-login"}}`, registry))
+	err := ioutil.WriteFile(dockerConfigPath, jsonBytes, 0644)
+	if err != nil {
+		return errors.Wrap(err, "failed to create docker config file")
 	}
-
 	return nil
 }
-
-func uploadLifeCyclePolicy(region, repo, lifecyclePolicy, assumeRole, externalId string) (err error) {
-	if assumeRole != "" {
-		input := &ecrv1.PutLifecyclePolicyInput{
-			LifecyclePolicyText: aws.String(lifecyclePolicy),
-			RepositoryName:      aws.String(repo),
-		}
-		_, err = getAssumeRoleEcrSvc(region, assumeRole, externalId).PutLifecyclePolicy(input)
-	} else {
-		cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(region))
-		if err != nil {
-			return errors.Wrap(err, "failed to load aws config")
-		}
-
-		svc := ecr.NewFromConfig(cfg)
-
-		input := &ecr.PutLifecyclePolicyInput{
-			LifecyclePolicyText: aws.String(lifecyclePolicy),
-			RepositoryName:      aws.String(repo),
-		}
-		_, err = svc.PutLifecyclePolicy(context.TODO(), input)
-	}
-
-	return err
-}
-
-func uploadRepositoryPolicy(region, repo, registry, repositoryPolicy, assumeRole, externalId string) (err error) {
-	if assumeRole != "" {
-		if isRegistryPublic(registry) {
-			input := &ecrpublicv1.SetRepositoryPolicyInput{
-				PolicyText:     aws.String(repositoryPolicy),
-				RepositoryName: aws.String(repo),
-			}
-			_, err = getAssumeRoleEcrPublicSvc(region, assumeRole, externalId).SetRepositoryPolicy(input)
-		} else {
-			input := &ecrv1.SetRepositoryPolicyInput{
-				PolicyText:     aws.String(repositoryPolicy),
-				RepositoryName: aws.String(repo),
-			}
-			_, err = getAssumeRoleEcrSvc(region, assumeRole, externalId).SetRepositoryPolicy(input)
-		}
-	} else {
-		cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(region))
-		if err != nil {
-			return errors.Wrap(err, "failed to load aws config")
-		}
-
-		if isRegistryPublic(registry) {
-			svc := ecrpublic.NewFromConfig(cfg)
-			input := &ecrpublic.SetRepositoryPolicyInput{
-				PolicyText:     aws.String(repositoryPolicy),
-				RepositoryName: aws.String(repo),
-			}
-			_, err = svc.SetRepositoryPolicy(context.TODO(), input)
-		} else {
-			svc := ecr.NewFromConfig(cfg)
-			input := &ecr.SetRepositoryPolicyInput{
-				PolicyText:     aws.String(repositoryPolicy),
-				RepositoryName: aws.String(repo),
-			}
-			_, err = svc.SetRepositoryPolicy(context.TODO(), input)
-		}
-	}
-
-	return err
-}
-
-func getAssumeRoleCreds(region, roleArn, externalId, roleSessionName string) (string, string, string, error) {
-	sess, err := session.NewSession(&awsv1.Config{Region: &region})
-	if err != nil {
-		return "", "", "", errors.Wrap(err, "failed to create aws session")
-	}
-
-	svc := ecrv1.New(sess, &awsv1.Config{
-		Credentials: stscreds.NewCredentials(sess, roleArn, func(p *stscreds.AssumeRoleProvider) {
-			if externalId != "" {
-				p.ExternalID = &externalId
-			}
-		}),
-	})
-
-	username, password, registry, err := getAuthInfo(svc)
-	if err != nil {
-		return "", "", "", errors.Wrap(err, "failed to get ECR auth: no basic auth credentials")
-	}
-	return username, password, registry, nil
-}
-
-func getAuthInfo(svc *ecrv1.ECR) (username, password, registry string, err error) {
-	var result *ecrv1.GetAuthorizationTokenOutput
-	var decoded []byte
-
-	result, err = svc.GetAuthorizationToken(&ecrv1.GetAuthorizationTokenInput{})
-	if err != nil {
-		return
-	}
-
-	auth := result.AuthorizationData[0]
-	token := *auth.AuthorizationToken
-	decoded, err = base64.StdEncoding.DecodeString(token)
-	if err != nil {
-		return
-	}
-
-	registry = strings.TrimPrefix(*auth.ProxyEndpoint, "https://")
-	creds := strings.Split(string(decoded), ":")
-	username = creds[0]
-	password = creds[1]
-	return
-}
-
-func getAssumeRoleEcrSvc(region, assumeRole, externalId string) *ecrv1.ECR {
-	sess, err := session.NewSession(&awsv1.Config{Region: &region})
-	if err != nil {
-		logrus.Fatal(err, "failed to create aws session")
-	}
-
-	return ecrv1.New(sess, &awsv1.Config{
-		Credentials: stscreds.NewCredentials(sess, assumeRole, func(p *stscreds.AssumeRoleProvider) {
-			if externalId != "" {
-				p.ExternalID = &externalId
-			}
-		}),
-	})
-}
-
-func getAssumeRoleEcrPublicSvc(region, assumeRole, externalId string) *ecrpublicv1.ECRPublic {
-	sess, err := session.NewSession(&awsv1.Config{Region: &region})
-	if err != nil {
-		logrus.Fatal(err, "failed to create aws session")
-	}
-
-	return ecrpublicv1.New(sess, &awsv1.Config{
-		Credentials: stscreds.NewCredentials(sess, assumeRole, func(p *stscreds.AssumeRoleProvider) {
-			if externalId != "" {
-				p.ExternalID = &externalId
-			}
-		}),
-	})
-}
-
-func isRegistryPublic(registry string) bool {
-	return strings.HasPrefix(registry, ecrPublicDomain)
-}
-
-func isKanikoVersionBelowOneDotEight(v string) bool {
-	currVer, err := version.NewVersion(v)
-	if err != nil {
-		return true
-	}
-	oneEightVer, err := version.NewVersion(oneDotEightVersion)
-	if err != nil {
-		return true
-	}
-
-	return currVer.LessThan(oneEightVer)
-}

cmd/kaniko-ecr/main_test.go

@@ -1,45 +0,0 @@
-package main
-
-import (
-	"encoding/base64"
-	"io/ioutil"
-	"os"
-	"testing"
-
-	"github.com/drone/drone-kaniko/pkg/docker"
-	"github.com/stretchr/testify/assert"
-)
-
-func TestCreateDockerConfigForECRWithBaseRegistry(t *testing.T) {
-	accessKey := "access-key"
-	secretKey := "secret-key"
-	ecrRegistry := "ecr-registry"
-	dockerUsername := "dockeruser"
-	dockerPassword := "dockerpass"
-	dockerRegistry := "https://index.docker.io/v1/"
-
-	tempDir, err := ioutil.TempDir("", "docker-config-test")
-	assert.NoError(t, err)
-	defer os.RemoveAll(tempDir)
-
-	config := docker.NewConfig()
-
-	pullFromRegistryCreds := docker.RegistryCredentials{
-		Registry: dockerRegistry,
-		Username: dockerUsername,
-		Password: dockerPassword,
-	}
-	credentials := []docker.RegistryCredentials{
-		{Registry: ecrRegistry, Username: accessKey, Password: secretKey},
-		pullFromRegistryCreds,
-	}
-
-	err = config.CreateDockerConfig(credentials, tempDir)
-	assert.NoError(t, err)
-
-	expectedECRAuth := docker.Auth{Auth: base64.StdEncoding.EncodeToString([]byte(accessKey + ":" + secretKey))}
-	assert.Equal(t, expectedECRAuth, config.Auths[ecrRegistry])
-
-	expectedDockerAuth := docker.Auth{Auth: base64.StdEncoding.EncodeToString([]byte(dockerUsername + ":" + dockerPassword))}
-	assert.Equal(t, expectedDockerAuth, config.Auths[dockerRegistry])
-}

cmd/kaniko-gar/main.go

@@ -1,462 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"io/ioutil"
-	"os"
-
-	"github.com/joho/godotenv"
-	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
-	"github.com/urfave/cli"
-
-	kaniko "github.com/drone/drone-kaniko"
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/docker"
-)
-
-const (
-	dockerConfigPath string = "/kaniko/.docker"
-	// GAR JSON key file path
-	garKeyPath       string = "/kaniko/config.json"
-	garEnvVariable   string = "GOOGLE_APPLICATION_CREDENTIALS"
-
-	defaultDigestFile string = "/kaniko/digest-file"
-)
-
-var (
-	version = "unknown"
-)
-
-func main() {
-	// Load env-file if it exists first
-	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
-		if err := godotenv.Load(env); err != nil {
-			logrus.Fatal(err)
-		}
-	}
-
-	app := cli.NewApp()
-	app.Name = "kaniko gar plugin"
-	app.Usage = "kaniko gar plugin"
-	app.Action = run
-	app.Version = version
-	app.Flags = []cli.Flag{
-		cli.StringFlag{
-			Name:   "dockerfile",
-			Usage:  "build dockerfile",
-			Value:  "Dockerfile",
-			EnvVar: "PLUGIN_DOCKERFILE",
-		},
-		cli.StringFlag{
-			Name:   "context",
-			Usage:  "build context",
-			Value:  ".",
-			EnvVar: "PLUGIN_CONTEXT",
-		},
-		cli.StringFlag{
-			Name:   "drone-commit-ref",
-			Usage:  "git commit ref passed by Drone",
-			EnvVar: "DRONE_COMMIT_REF",
-		},
-		cli.StringFlag{
-			Name:   "drone-repo-branch",
-			Usage:  "git repository default branch passed by Drone",
-			EnvVar: "DRONE_REPO_BRANCH",
-		},
-		cli.StringSliceFlag{
-			Name:     "tags",
-			Usage:    "build tags",
-			Value:    &cli.StringSlice{"latest"},
-			EnvVar:   "PLUGIN_TAGS",
-			FilePath: ".tags",
-		},
-		cli.BoolFlag{
-			Name:   "expand-tag",
-			Usage:  "enable for semver tagging",
-			EnvVar: "PLUGIN_EXPAND_TAG",
-		},
-		cli.BoolFlag{
-			Name:   "auto-tag",
-			Usage:  "enable auto generation of build tags",
-			EnvVar: "PLUGIN_AUTO_TAG",
-		},
-		cli.StringFlag{
-			Name:   "auto-tag-suffix",
-			Usage:  "the suffix of auto build tags",
-			EnvVar: "PLUGIN_AUTO_TAG_SUFFIX",
-		},
-		cli.StringSliceFlag{
-			Name:   "args",
-			Usage:  "build args",
-			EnvVar: "PLUGIN_BUILD_ARGS",
-		},
-		cli.StringFlag{
-			Name:   "target",
-			Usage:  "build target",
-			EnvVar: "PLUGIN_TARGET",
-		},
-		cli.StringFlag{
-			Name:   "repo",
-			Usage:  "gar repository",
-			EnvVar: "PLUGIN_REPO",
-		},
-		cli.StringSliceFlag{
-			Name:   "custom-labels",
-			Usage:  "additional k=v labels",
-			EnvVar: "PLUGIN_CUSTOM_LABELS",
-		},
-		cli.StringFlag{
-			Name:   "registry",
-			Usage:  "gar registry",
-			EnvVar: "PLUGIN_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "base-image-username",
-			Usage:  "Docker username for base image registry",
-			EnvVar: "PLUGIN_DOCKER_USERNAME,PLUGIN_BASE_IMAGE_USERNAME,DOCKER_USERNAME",
-		},
-		cli.StringFlag{
-			Name:   "base-image-password",
-			Usage:  "Docker password for base image registry",
-			EnvVar: "PLUGIN_DOCKER_PASSWORD,PLUGIN_BASE_IMAGE_PASSWORD,DOCKER_PASSWORD",
-		},
-		cli.StringFlag{
-			Name:   "base-image-registry",
-			Usage:  "Docker registry for base image registry",
-			EnvVar: "PLUGIN_DOCKER_REGISTRY,PLUGIN_BASE_IMAGE_REGISTRY,DOCKER_REGISTRY",
-		},
-		cli.StringSliceFlag{
-			Name:   "registry-mirrors",
-			Usage:  "docker registry mirrors",
-			EnvVar: "PLUGIN_REGISTRY_MIRRORS",
-		},
-		cli.StringFlag{
-			Name:   "json-key",
-			Usage:  "docker username",
-			EnvVar: "PLUGIN_JSON_KEY",
-		},
-		cli.StringFlag{
-			Name:   "snapshot-mode",
-			Usage:  "Specify one of full, redo or time as snapshot mode",
-			EnvVar: "PLUGIN_SNAPSHOT_MODE",
-		},
-		cli.BoolFlag{
-			Name:   "enable-cache",
-			Usage:  "Set this flag to opt into caching with kaniko",
-			EnvVar: "PLUGIN_ENABLE_CACHE",
-		},
-		cli.StringFlag{
-			Name:   "cache-repo",
-			Usage:  "Remote repository that will be used to store cached layers. Cache repo should be present in specified registry. enable-cache needs to be set to use this flag",
-			EnvVar: "PLUGIN_CACHE_REPO",
-		},
-		cli.IntFlag{
-			Name:   "cache-ttl",
-			Usage:  "Cache timeout in hours. Defaults to two weeks.",
-			EnvVar: "PLUGIN_CACHE_TTL",
-		},
-		cli.StringFlag{
-			Name:   "artifact-file",
-			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
-			EnvVar: "PLUGIN_ARTIFACT_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "no-push",
-			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
-			EnvVar: "PLUGIN_NO_PUSH",
-		},
-		cli.StringFlag{
-			Name:   "verbosity",
-			Usage:  "Set this flag as --verbosity=<panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
-			EnvVar: "PLUGIN_VERBOSITY",
-		},
-		cli.StringFlag{
-			Name:   "platform",
-			Usage:  "Allows to build with another default platform than the host, similarly to docker build --platform",
-			EnvVar: "PLUGIN_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "skip-unused-stages",
-			Usage:  "build only used stages",
-			EnvVar: "PLUGIN_SKIP_UNUSED_STAGES",
-		},
-		cli.StringFlag{
-			Name:   "cache-dir",
-			Usage:  "Set this flag to specify a local directory cache for base images",
-			EnvVar: "PLUGIN_CACHE_DIR",
-		},
-
-		cli.BoolFlag{
-			Name:   "cache-copy-layers",
-			Usage:  "Enable or disable copying layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_COPY_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cache-run-layers",
-			Usage:  "Enable or disable running layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_RUN_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cleanup",
-			Usage:  "Enable or disable cleanup of temporary files.",
-			EnvVar: "PLUGIN_CLEANUP",
-		},
-		cli.BoolFlag{
-			Name:   "compressed-caching",
-			Usage:  "Enable or disable compressed caching.",
-			EnvVar: "PLUGIN_COMPRESSED_CACHING",
-		},
-		cli.StringFlag{
-			Name:   "context-sub-path",
-			Usage:  "Sub-path within the context to build.",
-			EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
-		},
-		cli.StringFlag{
-			Name:   "custom-platform",
-			Usage:  "Platform to use for building.",
-			EnvVar: "PLUGIN_CUSTOM_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "force",
-			Usage:  "Force building the image even if it already exists.",
-			EnvVar: "PLUGIN_FORCE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-with-digest-file",
-			Usage:  "Write image name with digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_WITH_DIGEST_FILE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-tag-with-digest-file",
-			Usage:  "Write image name with tag and digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_TAG_WITH_DIGEST_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure",
-			Usage:  "Allow connecting to registries without TLS.",
-			EnvVar: "PLUGIN_INSECURE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure-pull",
-			Usage:  "Allow insecure pulls from the registry.",
-			EnvVar: "PLUGIN_INSECURE_PULL",
-		},
-		cli.StringFlag{
-			Name:   "insecure-registry",
-			Usage:  "Use plain HTTP for registry communication.",
-			EnvVar: "PLUGIN_INSECURE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "log-format",
-			Usage:  "Set the log format for build output.",
-			EnvVar: "PLUGIN_LOG_FORMAT",
-		},
-		cli.BoolFlag{
-			Name:   "log-timestamp",
-			Usage:  "Show timestamps in build output.",
-			EnvVar: "PLUGIN_LOG_TIMESTAMP",
-		},
-		cli.StringFlag{
-			Name:   "oci-layout-path",
-			Usage:  "Directory to store OCI layout.",
-			EnvVar: "PLUGIN_OCI_LAYOUT_PATH",
-		},
-		cli.IntFlag{
-			Name:   "push-retry",
-			Usage:  "Number of times to retry pushing an image.",
-			EnvVar: "PLUGIN_PUSH_RETRY",
-		},
-		cli.StringFlag{
-			Name:   "registry-certificate",
-			Usage:  "Path to a file containing a registry certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "registry-client-cert",
-			Usage:  "Path to a file containing a registry client certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CLIENT_CERT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-default-registry-fallback",
-			Usage:  "Skip Docker Hub and default registry fallback.",
-			EnvVar: "PLUGIN_SKIP_DEFAULT_REGISTRY_FALLBACK",
-		},
-		cli.BoolFlag{
-			Name:   "reproducible",
-			Usage:  "Create a reproducible image.",
-			EnvVar: "PLUGIN_REPRODUCIBLE",
-		},
-		cli.BoolFlag{
-			Name:   "single-snapshot",
-			Usage:  "Only create a single snapshot of the image.",
-			EnvVar: "PLUGIN_SINGLE_SNAPSHOT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-push-permission-check",
-			Usage:  "Skip permission check when pushing.",
-			EnvVar: "PLUGIN_SKIP_PUSH_PERMISSION_CHECK",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-pull",
-			Usage:  "Skip TLS verification when pulling.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_PULL",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-registry",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_REGISTRY",
-		},
-		cli.BoolFlag{
-			Name:   "use-new-run",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_USE_NEW_RUN",
-		},
-		cli.BoolFlag{
-			Name:   "ignore-var-run",
-			Usage:  "Ignore the /var/run directory during build.",
-			EnvVar: "PLUGIN_IGNORE_VAR_RUN",
-		},
-		cli.StringFlag{
-			Name:   "ignore-path",
-			Usage:  "Path to ignore during the build.",
-			EnvVar: "PLUGIN_IGNORE_PATH",
-		},
-		cli.IntFlag{
-			Name:   "image-fs-extract-retry",
-			Usage:  "Number of retries for extracting filesystem layers.",
-			EnvVar: "PLUGIN_IMAGE_FS_EXTRACT_RETRY",
-		},
-		cli.IntFlag{
-			Name:   "image-download-retry",
-			Usage:  "Number of retries for downloading base images.",
-			EnvVar: "PLUGIN_IMAGE_DOWNLOAD_RETRY",
-		},
-	}
-
-	if err := app.Run(os.Args); err != nil {
-		logrus.Fatal(err)
-	}
-}
-
-func run(c *cli.Context) error {
-	noPush := c.Bool("no-push")
-	jsonKey := c.String("json-key")
-	// JSON key may not be set in the following cases:
-	// 1. Image does not need to be pushed to GAR.
-	// 2. Workload identity is set on GKE in which pod will inherit the credentials via service account.
-	if jsonKey != "" {
-		if err := setupGARAuth(jsonKey); err != nil {
-			return err
-		}
-
-		// setup docker config only when base image registry is specified
-		if c.String("base-image-registry") != ""{
-			if err := setDockerAuth(
-				c.String("base-image-username"),
-				c.String("base-image-password"),
-				c.String("base-image-registry"),
-			); err != nil {
-				return errors.Wrap(err, "failed to create docker config")
-			}
-		}
-	}
-
-	plugin := kaniko.Plugin{
-		Build: kaniko.Build{
-			DroneCommitRef:              c.String("drone-commit-ref"),
-			DroneRepoBranch:             c.String("drone-repo-branch"),
-			Dockerfile:                  c.String("dockerfile"),
-			Context:                     c.String("context"),
-			Tags:                        c.StringSlice("tags"),
-			AutoTag:                     c.Bool("auto-tag"),
-			AutoTagSuffix:               c.String("auto-tag-suffix"),
-			ExpandTag:                   c.Bool("expand-tag"),
-			Args:                        c.StringSlice("args"),
-			Target:                      c.String("target"),
-			Repo:                        fmt.Sprintf("%s/%s", c.String("registry"), c.String("repo")),
-			Mirrors:                     c.StringSlice("registry-mirrors"),
-			Labels:                      c.StringSlice("custom-labels"),
-			SnapshotMode:                c.String("snapshot-mode"),
-			EnableCache:                 c.Bool("enable-cache"),
-			CacheRepo:                   fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
-			CacheTTL:                    c.Int("cache-ttl"),
-			DigestFile:                  defaultDigestFile,
-			NoPush:                      noPush,
-			Verbosity:                   c.String("verbosity"),
-			Platform:                    c.String("platform"),
-			SkipUnusedStages:            c.Bool("skip-unused-stages"),
-			CacheDir:                    c.String("cache-dir"),
-			CacheCopyLayers:             c.Bool("cache-copy-layers"),
-			CacheRunLayers:              c.Bool("cache-run-layers"),
-			Cleanup:                     c.Bool("cleanup"),
-			ContextSubPath:              c.String("context-sub-path"),
-			CustomPlatform:              c.String("custom-platform"),
-			Force:                       c.Bool("force"),
-			ImageNameWithDigestFile:     c.String("image-name-with-digest-file"),
-			ImageNameTagWithDigestFile:  c.String("image-name-tag-with-digest-file"),
-			Insecure:                    c.Bool("insecure"),
-			InsecurePull:                c.Bool("insecure-pull"),
-			InsecureRegistry:            c.String("insecure-registry"),
-			Label:                       c.String("label"),
-			LogFormat:                   c.String("log-format"),
-			LogTimestamp:                c.Bool("log-timestamp"),
-			OCILayoutPath:               c.String("oci-layout-path"),
-			PushRetry:                   c.Int("push-retry"),
-			RegistryCertificate:         c.String("registry-certificate"),
-			RegistryClientCert:          c.String("registry-client-cert"),
-			SkipDefaultRegistryFallback: c.Bool("skip-default-registry-fallback"),
-			Reproducible:                c.Bool("reproducible"),
-			SingleSnapshot:              c.Bool("single-snapshot"),
-			SkipTLSVerify:               c.Bool("skip-tls-verify"),
-			SkipPushPermissionCheck:     c.Bool("skip-push-permission-check"),
-			SkipTLSVerifyPull:           c.Bool("skip-tls-verify-pull"),
-			SkipTLSVerifyRegistry:       c.Bool("skip-tls-verify-registry"),
-			UseNewRun:                   c.Bool("use-new-run"),
-			IgnorePath:                  c.String("ignore-path"),
-			ImageFSExtractRetry:         c.Int("image-fs-extract-retry"),
-			ImageDownloadRetry:          c.Int("image-download-retry"),
-		},
-		Artifact: kaniko.Artifact{
-			Tags:         c.StringSlice("tags"),
-			Repo:         c.String("repo"),
-			Registry:     c.String("registry"),
-			ArtifactFile: c.String("artifact-file"),
-			RegistryType: artifact.GAR,
-		},
-	}
-	if c.IsSet("compressed-caching") {
-		flag := c.Bool("compressed-caching")
-		plugin.Build.CompressedCaching = &flag
-	}
-	if c.IsSet("ignore-var-run") {
-		flag := c.Bool("ignore-var-run")
-		plugin.Build.IgnoreVarRun = &flag
-	}
-	return plugin.Exec()
-}
-
-func setDockerAuth(dockerUsername, dockerPassword, dockerRegistry string) (error) {
-	dockerConfig := docker.NewConfig()
-	dockerRegistryCreds := docker.RegistryCredentials{
-		Registry: dockerRegistry,
-		Username: dockerUsername,
-		Password: dockerPassword,
-	}
-	credentials := []docker.RegistryCredentials{dockerRegistryCreds}
-
-	return dockerConfig.CreateDockerConfig(credentials, dockerConfigPath)
-}
-
-func setupGARAuth(jsonKey string) error {
-	err := ioutil.WriteFile(garKeyPath, []byte(jsonKey), 0644)
-	if err != nil {
-		return errors.Wrap(err, "failed to write GAR JSON key")
-	}
-
-	err = os.Setenv(garEnvVariable, garKeyPath)
-	if err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", garEnvVariable))
-	}
-	return nil
-}

cmd/kaniko-gcr/main.go

@@ -11,17 +11,12 @@ import (
 	"github.com/urfave/cli"
 
 	kaniko "github.com/drone/drone-kaniko"
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/docker"
 )
 
 const (
-	dockerConfigPath string = "/kaniko/.docker"
 	// GCR JSON key file path
-	gcrKeyPath       string = "/kaniko/config.json"
-	gcrEnvVariable   string = "GOOGLE_APPLICATION_CREDENTIALS"
-
-	defaultDigestFile string = "/kaniko/digest-file"
+	gcrKeyPath     string = "/kaniko/config.json"
+	gcrEnvVariable string = "GOOGLE_APPLICATION_CREDENTIALS"
 )
 
 var (
@@ -31,9 +26,7 @@ var (
 func main() {
 	// Load env-file if it exists first
 	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
-		if err := godotenv.Load(env); err != nil {
-			logrus.Fatal(err)
-		}
+		godotenv.Load(env)
 	}
 
 	app := cli.NewApp()
@@ -54,16 +47,6 @@ func main() {
 			Value:  ".",
 			EnvVar: "PLUGIN_CONTEXT",
 		},
-		cli.StringFlag{
-			Name:   "drone-commit-ref",
-			Usage:  "git commit ref passed by Drone",
-			EnvVar: "DRONE_COMMIT_REF",
-		},
-		cli.StringFlag{
-			Name:   "drone-repo-branch",
-			Usage:  "git repository default branch passed by Drone",
-			EnvVar: "DRONE_REPO_BRANCH",
-		},
 		cli.StringSliceFlag{
 			Name:     "tags",
 			Usage:    "build tags",
@@ -71,21 +54,6 @@ func main() {
 			EnvVar:   "PLUGIN_TAGS",
 			FilePath: ".tags",
 		},
-		cli.BoolFlag{
-			Name:   "expand-tag",
-			Usage:  "enable for semver tagging",
-			EnvVar: "PLUGIN_EXPAND_TAG",
-		},
-		cli.BoolFlag{
-			Name:   "auto-tag",
-			Usage:  "enable auto generation of build tags",
-			EnvVar: "PLUGIN_AUTO_TAG",
-		},
-		cli.StringFlag{
-			Name:   "auto-tag-suffix",
-			Usage:  "the suffix of auto build tags",
-			EnvVar: "PLUGIN_AUTO_TAG_SUFFIX",
-		},
 		cli.StringSliceFlag{
 			Name:   "args",
 			Usage:  "build args",
@@ -110,229 +78,13 @@ func main() {
 			Name:   "registry",
 			Usage:  "gcr registry",
 			Value:  "gcr.io",
-			EnvVar: "PLUGIN_REGISTRY,BASE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "base-image-username",
-			Usage:  "Docker username for base image registry",
-			EnvVar: "PLUGIN_DOCKER_USERNAME,PLUGIN_BASE_IMAGE_USERNAME,DOCKER_USERNAME",
-		},
-		cli.StringFlag{
-			Name:   "base-image-password",
-			Usage:  "Docker password for base image registry",
-			EnvVar: "PLUGIN_DOCKER_PASSWORD,PLUGIN_BASE_IMAGE_PASSWORD,DOCKER_PASSWORD",
-		},
-		cli.StringFlag{
-			Name:   "base-image-registry",
-			Usage:  "Docker registry for base image registry",
-			EnvVar: "PLUGIN_DOCKER_REGISTRY,PLUGIN_BASE_IMAGE_REGISTRY,DOCKER_REGISTRY",
-		},
-		cli.StringSliceFlag{
-			Name:   "registry-mirrors",
-			Usage:  "docker registry mirrors",
-			EnvVar: "PLUGIN_REGISTRY_MIRRORS",
+			EnvVar: "PLUGIN_REGISTRY",
 		},
 		cli.StringFlag{
 			Name:   "json-key",
 			Usage:  "docker username",
 			EnvVar: "PLUGIN_JSON_KEY",
 		},
-		cli.StringFlag{
-			Name:   "snapshot-mode",
-			Usage:  "Specify one of full, redo or time as snapshot mode",
-			EnvVar: "PLUGIN_SNAPSHOT_MODE",
-		},
-		cli.BoolFlag{
-			Name:   "enable-cache",
-			Usage:  "Set this flag to opt into caching with kaniko",
-			EnvVar: "PLUGIN_ENABLE_CACHE",
-		},
-		cli.StringFlag{
-			Name:   "cache-repo",
-			Usage:  "Remote repository that will be used to store cached layers. Cache repo should be present in specified registry. enable-cache needs to be set to use this flag",
-			EnvVar: "PLUGIN_CACHE_REPO",
-		},
-		cli.IntFlag{
-			Name:   "cache-ttl",
-			Usage:  "Cache timeout in hours. Defaults to two weeks.",
-			EnvVar: "PLUGIN_CACHE_TTL",
-		},
-		cli.StringFlag{
-			Name:   "artifact-file",
-			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
-			EnvVar: "PLUGIN_ARTIFACT_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "no-push",
-			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
-			EnvVar: "PLUGIN_NO_PUSH",
-		},
-		cli.StringFlag{
-			Name:   "verbosity",
-			Usage:  "Set this flag as --verbosity=<panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
-			EnvVar: "PLUGIN_VERBOSITY",
-		},
-		cli.StringFlag{
-			Name:   "platform",
-			Usage:  "Allows to build with another default platform than the host, similarly to docker build --platform",
-			EnvVar: "PLUGIN_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "skip-unused-stages",
-			Usage:  "build only used stages",
-			EnvVar: "PLUGIN_SKIP_UNUSED_STAGES",
-		},
-		cli.StringFlag{
-			Name:   "cache-dir",
-			Usage:  "Set this flag to specify a local directory cache for base images",
-			EnvVar: "PLUGIN_CACHE_DIR",
-		},
-
-		cli.BoolFlag{
-			Name:   "cache-copy-layers",
-			Usage:  "Enable or disable copying layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_COPY_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cache-run-layers",
-			Usage:  "Enable or disable running layers from the cache.",
-			EnvVar: "PLUGIN_CACHE_RUN_LAYERS",
-		},
-		cli.BoolFlag{
-			Name:   "cleanup",
-			Usage:  "Enable or disable cleanup of temporary files.",
-			EnvVar: "PLUGIN_CLEANUP",
-		},
-		cli.BoolFlag{
-			Name:   "compressed-caching",
-			Usage:  "Enable or disable compressed caching.",
-			EnvVar: "PLUGIN_COMPRESSED_CACHING",
-		},
-		cli.StringFlag{
-			Name:   "context-sub-path",
-			Usage:  "Sub-path within the context to build.",
-			EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
-		},
-		cli.StringFlag{
-			Name:   "custom-platform",
-			Usage:  "Platform to use for building.",
-			EnvVar: "PLUGIN_CUSTOM_PLATFORM",
-		},
-		cli.BoolFlag{
-			Name:   "force",
-			Usage:  "Force building the image even if it already exists.",
-			EnvVar: "PLUGIN_FORCE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-with-digest-file",
-			Usage:  "Write image name with digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_WITH_DIGEST_FILE",
-		},
-		cli.StringFlag{
-			Name:   "image-name-tag-with-digest-file",
-			Usage:  "Write image name with tag and digest to a file.",
-			EnvVar: "PLUGIN_IMAGE_NAME_TAG_WITH_DIGEST_FILE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure",
-			Usage:  "Allow connecting to registries without TLS.",
-			EnvVar: "PLUGIN_INSECURE",
-		},
-		cli.BoolFlag{
-			Name:   "insecure-pull",
-			Usage:  "Allow insecure pulls from the registry.",
-			EnvVar: "PLUGIN_INSECURE_PULL",
-		},
-		cli.StringFlag{
-			Name:   "insecure-registry",
-			Usage:  "Use plain HTTP for registry communication.",
-			EnvVar: "PLUGIN_INSECURE_REGISTRY",
-		},
-		cli.StringFlag{
-			Name:   "log-format",
-			Usage:  "Set the log format for build output.",
-			EnvVar: "PLUGIN_LOG_FORMAT",
-		},
-		cli.BoolFlag{
-			Name:   "log-timestamp",
-			Usage:  "Show timestamps in build output.",
-			EnvVar: "PLUGIN_LOG_TIMESTAMP",
-		},
-		cli.StringFlag{
-			Name:   "oci-layout-path",
-			Usage:  "Directory to store OCI layout.",
-			EnvVar: "PLUGIN_OCI_LAYOUT_PATH",
-		},
-		cli.IntFlag{
-			Name:   "push-retry",
-			Usage:  "Number of times to retry pushing an image.",
-			EnvVar: "PLUGIN_PUSH_RETRY",
-		},
-		cli.StringFlag{
-			Name:   "registry-certificate",
-			Usage:  "Path to a file containing a registry certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CERTIFICATE",
-		},
-		cli.StringFlag{
-			Name:   "registry-client-cert",
-			Usage:  "Path to a file containing a registry client certificate.",
-			EnvVar: "PLUGIN_REGISTRY_CLIENT_CERT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-default-registry-fallback",
-			Usage:  "Skip Docker Hub and default registry fallback.",
-			EnvVar: "PLUGIN_SKIP_DEFAULT_REGISTRY_FALLBACK",
-		},
-		cli.BoolFlag{
-			Name:   "reproducible",
-			Usage:  "Create a reproducible image.",
-			EnvVar: "PLUGIN_REPRODUCIBLE",
-		},
-		cli.BoolFlag{
-			Name:   "single-snapshot",
-			Usage:  "Only create a single snapshot of the image.",
-			EnvVar: "PLUGIN_SINGLE_SNAPSHOT",
-		},
-		cli.BoolFlag{
-			Name:   "skip-push-permission-check",
-			Usage:  "Skip permission check when pushing.",
-			EnvVar: "PLUGIN_SKIP_PUSH_PERMISSION_CHECK",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-pull",
-			Usage:  "Skip TLS verification when pulling.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_PULL",
-		},
-		cli.BoolFlag{
-			Name:   "skip-tls-verify-registry",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_SKIP_TLS_VERIFY_REGISTRY",
-		},
-		cli.BoolFlag{
-			Name:   "use-new-run",
-			Usage:  "Skip TLS verification when connecting to a registry.",
-			EnvVar: "PLUGIN_USE_NEW_RUN",
-		},
-		cli.BoolFlag{
-			Name:   "ignore-var-run",
-			Usage:  "Ignore the /var/run directory during build.",
-			EnvVar: "PLUGIN_IGNORE_VAR_RUN",
-		},
-		cli.StringFlag{
-			Name:   "ignore-path",
-			Usage:  "Path to ignore during the build.",
-			EnvVar: "PLUGIN_IGNORE_PATH",
-		},
-		cli.IntFlag{
-			Name:   "image-fs-extract-retry",
-			Usage:  "Number of retries for extracting filesystem layers.",
-			EnvVar: "PLUGIN_IMAGE_FS_EXTRACT_RETRY",
-		},
-		cli.IntFlag{
-			Name:   "image-download-retry",
-			Usage:  "Number of retries for downloading base images.",
-			EnvVar: "PLUGIN_IMAGE_DOWNLOAD_RETRY",
-		},
 	}
 
 	if err := app.Run(os.Args); err != nil {
@@ -341,115 +93,34 @@ func main() {
 }
 
 func run(c *cli.Context) error {
-	noPush := c.Bool("no-push")
-	jsonKey := c.String("json-key")
+	err := setupGCRAuth(c.String("json-key"))
+	if err != nil {
+		return err
+	}
 
-	// JSON key may not be set in the following cases:
-	// 1. Image does not need to be pushed to GCR.
-	// 2. Workload identity is set on GKE in which pod will inherit the credentials via service account.
-	if jsonKey != "" {
-		if err := setupGCRAuth(jsonKey); err != nil {
-			return err
-		}
-
-		// setup docker config only when base image registry is specified
-		if c.String("base-image-registry") != ""{
-			if err := setDockerAuth(
-				c.String("base-image-username"),
-				c.String("base-image-password"),
-				c.String("base-image-registry"),
-			); err != nil {
-				return errors.Wrap(err, "failed to create docker config")
-			}
-		}
+	if c.String("repo") == "" {
+		return fmt.Errorf("repo must be specified")
 	}
 
 	plugin := kaniko.Plugin{
 		Build: kaniko.Build{
-			DroneCommitRef:              c.String("drone-commit-ref"),
-			DroneRepoBranch:             c.String("drone-repo-branch"),
-			Dockerfile:                  c.String("dockerfile"),
-			Context:                     c.String("context"),
-			Tags:                        c.StringSlice("tags"),
-			AutoTag:                     c.Bool("auto-tag"),
-			AutoTagSuffix:               c.String("auto-tag-suffix"),
-			ExpandTag:                   c.Bool("expand-tag"),
-			Args:                        c.StringSlice("args"),
-			Target:                      c.String("target"),
-			Repo:                        fmt.Sprintf("%s/%s", c.String("registry"), c.String("repo")),
-			Mirrors:                     c.StringSlice("registry-mirrors"),
-			Labels:                      c.StringSlice("custom-labels"),
-			SnapshotMode:                c.String("snapshot-mode"),
-			EnableCache:                 c.Bool("enable-cache"),
-			CacheRepo:                   fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
-			CacheTTL:                    c.Int("cache-ttl"),
-			DigestFile:                  defaultDigestFile,
-			NoPush:                      noPush,
-			Verbosity:                   c.String("verbosity"),
-			Platform:                    c.String("platform"),
-			SkipUnusedStages:            c.Bool("skip-unused-stages"),
-			CacheDir:                    c.String("cache-dir"),
-			CacheCopyLayers:             c.Bool("cache-copy-layers"),
-			CacheRunLayers:              c.Bool("cache-run-layers"),
-			Cleanup:                     c.Bool("cleanup"),
-			ContextSubPath:              c.String("context-sub-path"),
-			CustomPlatform:              c.String("custom-platform"),
-			Force:                       c.Bool("force"),
-			ImageNameWithDigestFile:     c.String("image-name-with-digest-file"),
-			ImageNameTagWithDigestFile:  c.String("image-name-tag-with-digest-file"),
-			Insecure:                    c.Bool("insecure"),
-			InsecurePull:                c.Bool("insecure-pull"),
-			InsecureRegistry:            c.String("insecure-registry"),
-			Label:                       c.String("label"),
-			LogFormat:                   c.String("log-format"),
-			LogTimestamp:                c.Bool("log-timestamp"),
-			OCILayoutPath:               c.String("oci-layout-path"),
-			PushRetry:                   c.Int("push-retry"),
-			RegistryCertificate:         c.String("registry-certificate"),
-			RegistryClientCert:          c.String("registry-client-cert"),
-			SkipDefaultRegistryFallback: c.Bool("skip-default-registry-fallback"),
-			Reproducible:                c.Bool("reproducible"),
-			SingleSnapshot:              c.Bool("single-snapshot"),
-			SkipTLSVerify:               c.Bool("skip-tls-verify"),
-			SkipPushPermissionCheck:     c.Bool("skip-push-permission-check"),
-			SkipTLSVerifyPull:           c.Bool("skip-tls-verify-pull"),
-			SkipTLSVerifyRegistry:       c.Bool("skip-tls-verify-registry"),
-			UseNewRun:                   c.Bool("use-new-run"),
-			IgnorePath:                  c.String("ignore-path"),
-			ImageFSExtractRetry:         c.Int("image-fs-extract-retry"),
-			ImageDownloadRetry:          c.Int("image-download-retry"),
+			Dockerfile: c.String("dockerfile"),
+			Context:    c.String("context"),
+			Tags:       c.StringSlice("tags"),
+			Args:       c.StringSlice("args"),
+			Target:     c.String("target"),
+			Repo:       fmt.Sprintf("%s/%s", c.String("registry"), c.String("repo")),
+			Labels:     c.StringSlice("custom-labels"),
 		},
-		Artifact: kaniko.Artifact{
-			Tags:         c.StringSlice("tags"),
-			Repo:         c.String("repo"),
-			Registry:     c.String("registry"),
-			ArtifactFile: c.String("artifact-file"),
-			RegistryType: artifact.GCR,
-		},
-	}
-	if c.IsSet("compressed-caching") {
-		flag := c.Bool("compressed-caching")
-		plugin.Build.CompressedCaching = &flag
-	}
-	if c.IsSet("ignore-var-run") {
-		flag := c.Bool("ignore-var-run")
-		plugin.Build.IgnoreVarRun = &flag
 	}
 	return plugin.Exec()
 }
 
-func setDockerAuth(dockerUsername, dockerPassword, dockerRegistry string) (error) {
-	dockerConfig := docker.NewConfig()
-	dockerRegistryCreds := docker.RegistryCredentials{
-		Registry: dockerRegistry,
-		Username: dockerUsername,
-		Password: dockerPassword,
-	}
-	credentials := []docker.RegistryCredentials{dockerRegistryCreds}
-	return dockerConfig.CreateDockerConfig(credentials, dockerConfigPath)
-}
-
 func setupGCRAuth(jsonKey string) error {
+	if jsonKey == "" {
+		return fmt.Errorf("GCR JSON key must be specified")
+	}
+
 	err := ioutil.WriteFile(gcrKeyPath, []byte(jsonKey), 0644)
 	if err != nil {
 		return errors.Wrap(err, "failed to write GCR JSON key")

docker/acr/Dockerfile.linux.amd64

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
-
-ENV KANIKO_VERSION=1.20.1
-ADD release/linux/amd64/kaniko-acr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-acr"]

docker/acr/Dockerfile.linux.arm64

@@ -1,8 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
-
-ENV HOME /root
-ENV USER root
-
-ENV KANIKO_VERSION=1.20.1
-ADD release/linux/arm64/kaniko-acr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-acr"]

docker/acr/manifest.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko-acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko-acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux

docker/docker/Dockerfile.linux.amd64

@@ -1,5 +1,4 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:v1.3.0
 
-ENV KANIKO_VERSION=1.20.1
 ADD release/linux/amd64/kaniko-docker /kaniko/
 ENTRYPOINT ["/kaniko/kaniko-docker"]

docker/docker/Dockerfile.linux.amd64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/amd64/kaniko-docker /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-docker"]

docker/docker/Dockerfile.linux.arm64

@@ -1,8 +1,7 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:arm64-v1.3.0
 
 ENV HOME /root
 ENV USER root
 
-ENV KANIKO_VERSION=1.20.1
 ADD release/linux/arm64/kaniko-docker /kaniko/
 ENTRYPOINT ["/kaniko/kaniko-docker"]

docker/docker/Dockerfile.linux.arm64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/arm64/kaniko-docker /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-docker"]

docker/docker/manifest-kaniko1.9.1.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko:{{#if build.tag}}{{trimPrefix "v" build.tag}}-kaniko1.9.1{{else}}latest-kaniko1.9.1{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64-kaniko1.9.1
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64-kaniko1.9.1
-    platform:
-      architecture: arm64
-      os: linux

docker/docker/manifest.tmpl

@@ -11,8 +11,3 @@ manifests:
     platform:
       architecture: amd64
       os: linux
-  -
-    image: plugins/kaniko:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux

docker/ecr/Dockerfile.linux.amd64

@@ -1,5 +1,4 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:v1.3.0
 
-ENV KANIKO_VERSION=1.20.1
 ADD release/linux/amd64/kaniko-ecr /kaniko/
 ENTRYPOINT ["/kaniko/kaniko-ecr"]

docker/ecr/Dockerfile.linux.amd64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/amd64/kaniko-ecr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-ecr"]

docker/ecr/Dockerfile.linux.arm64

@@ -1,8 +1,7 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:arm64-v1.3.0
 
 ENV HOME /root
 ENV USER root
-ENV KANIKO_VERSION=1.20.1
 
 ADD release/linux/arm64/kaniko-ecr /kaniko/
 ENTRYPOINT ["/kaniko/kaniko-ecr"]

docker/ecr/Dockerfile.linux.arm64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/arm64/kaniko-ecr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-ecr"]

docker/ecr/manifest-kaniko1.9.1.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko-ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-kaniko1.9.1{{else}}latest-kaniko1.9.1{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko-ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64-kaniko1.9.1
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64-kaniko1.9.1
-    platform:
-      architecture: arm64
-      os: linux

docker/ecr/manifest.tmpl

@@ -10,9 +10,4 @@ manifests:
     image: plugins/kaniko-ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
     platform:
       architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
       os: linux

docker/gar/Dockerfile.linux.amd64

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
-
-ENV KANIKO_VERSION=1.20.1
-ADD release/linux/amd64/kaniko-gar /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gar"]

docker/gar/Dockerfile.linux.amd64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/amd64/kaniko-gar /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gar"]

docker/gar/Dockerfile.linux.arm64

@@ -1,8 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
-
-ENV HOME /root
-ENV USER root
-ENV KANIKO_VERSION=1.20.1
-
-ADD release/linux/arm64/kaniko-gar /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gar"]

docker/gar/Dockerfile.linux.arm64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/arm64/kaniko-gar /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gar"]

docker/gar/manifest-kaniko1.9.1.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}-kaniko1.9.1{{else}}latest-kaniko1.9.1{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64-kaniko1.9.1
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64-kaniko1.9.1
-    platform:
-      architecture: arm64
-      os: linux

docker/gar/manifest.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-gar:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux

docker/gcr/Dockerfile.linux.amd64

@@ -1,5 +1,4 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:v1.3.0
 
-ENV KANIKO_VERSION=1.20.1
 ADD release/linux/amd64/kaniko-gcr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gcr"]
+ENTRYPOINT ["/kaniko/kaniko-gcr"]

docker/gcr/Dockerfile.linux.amd64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/amd64/kaniko-gcr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gcr"]

docker/gcr/Dockerfile.linux.arm64

@@ -1,8 +1,7 @@
-FROM gcr.io/kaniko-project/executor:v1.20.1
+FROM gcr.io/kaniko-project/executor:arm64-v1.3.0
 
 ENV HOME /root
 ENV USER root
-ENV KANIKO_VERSION=1.20.1
 
 ADD release/linux/arm64/kaniko-gcr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gcr"]
+ENTRYPOINT ["/kaniko/kaniko-gcr"]

docker/gcr/Dockerfile.linux.arm64.kaniko1.9.1

@@ -1,5 +0,0 @@
-FROM gcr.io/kaniko-project/executor:v1.9.1
-
-ENV KANIKO_VERSION=1.9.1
-ADD release/linux/arm64/kaniko-gcr /kaniko/
-ENTRYPOINT ["/kaniko/kaniko-gcr"]

docker/gcr/manifest-kaniko1.9.1.tmpl

@@ -1,18 +0,0 @@
-image: plugins/kaniko-gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-kaniko1.9.1{{else}}latest-kaniko1.9.1{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  -
-    image: plugins/kaniko-gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64-kaniko1.9.1
-    platform:
-      architecture: amd64
-      os: linux
-  -
-    image: plugins/kaniko-gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64-kaniko1.9.1
-    platform:
-      architecture: arm64
-      os: linux

docker/gcr/manifest.tmpl

@@ -11,8 +11,3 @@ manifests:
     platform:
       architecture: amd64
       os: linux
-  -
-    image: plugins/kaniko-gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
-    platform:
-      architecture: arm64
-      os: linux

git-hooks/README.md

@@ -1,8 +0,0 @@
-This document explains on how to install certain git hooks globally for all repositories in your machine.
-
-Step 1: git clone https://github.com/drone/drone-kaniko.git
-Step 2: cd git-hooks
-Step 3: Run install.sh
-
-"install.sh" script will create .git_template in the user directory and will put the git hook and its dependent scripts in it. Along with the .git_template folder, it will add 2 sections "init" and "hooks boolean" in the .gitconfig file in the same user's root directory.
-After running "install.sh" if you create/clone a new git repository then all the hooks will get install automatically for the git repository. In case of existing git repository copy the contents of ~/.git_template/hooks into the .git/hooks directory of existing git repository.

git-hooks/hooks/git-leaks-pre-commit.sh

@@ -1,17 +0,0 @@
-#!/bin/bash
-
-#Helper script to be used as a pre-commit hook.
-
-echo "This hook checks for any secrets getting pushed as part of commit. If you feel that scan is false positive. \
-Then add the exclusion in .gitleaksignore file. For more info visit: https://github.com/zricethezav/gitleaks"
-
-GIT_LEAKS_PRE_COMMIT=s$(git config --bool hook.pre-commit.gitleak)
-
-echo "INFO: Scanning Commits information for any GIT LEAKS"
-gitleaks protect --staged -v --exit-code=100
-STATUS=$?
-if [ $STATUS = 100  ]; then
-    echo "WARNING: GIT LEAKS has detected sensitive information in your changes. Please remove them or add them (IF NON-SENSITIVE) in .gitleaksignore file."
-else
-    exit 0
-fi

git-hooks/hooks/git-leaks.sh

@@ -1,18 +0,0 @@
-#!/bin/bash
-
-#Helper script to be used as a pre-commit hook.
-
-echo "This hook checks for any secrets getting pushed as part of commit. If you feel that scan is false positive. \
-Then add the exclusion in .gitleaksignore file. For more info visit: https://github.com/zricethezav/gitleaks"
-
-GIT_LEAKS=$(git config --bool hook.pre-push.gitleaks)
-
-echo "INFO: Scanning Commits information for any GIT LEAKS"
-gitleaks detect -s ./ --log-level=debug --log-opts=-1 -v
-STATUS=$?
-if [ $STATUS != 0  ]; then
-    echo "WARNING: GIT LEAKS has detected sensitive information in your changes. Please remove them or add them (IF NON-SENSITIVE) in .gitleaksignore file."
-    exit $STATUS
-else
-    exit 0
-fi

git-hooks/hooks/pre-commit

@@ -1,24 +0,0 @@
-#!/usr/bin/env bash
-
-GL_SCRIPT_PATH="$HOME/.git_template/hooks/git-leaks-pre-commit.sh"
-
-pushd `dirname $0` > /dev/null && cd ../.. && BASEDIR=$(pwd -L) && popd > /dev/null
-BASENAME=`basename $0`
-
-if git rev-parse --verify HEAD >/dev/null 2>&1
-then
-    against=HEAD
-else
-    #Initial commit : diff against an empty tree object
-    against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
-fi
-
-GIT_LEAKS_PRE_COMMIT=hook.pre-commit.gitleaks
-if [ "`git config $GIT_LEAKS_PRE_COMMIT`" == "false" ]
-then
-    echo -e '\033[0;31m' checking git leaks is disabled - to enable: '\033[0;37m'git config --unset $GIT_LEAKS_PRE_COMMIT '\033[0m'
-    echo -e '\033[0;34m' checking git leaks  ... to enable: '\033[0;37m'git config --add $GIT_LEAKS_PRE_COMMIT true '\033[0m'
-else
-    echo -e '\033[0;34m' checking for git leaks...
-    [ -f "${GL_SCRIPT_PATH}" ] && . ${GL_SCRIPT_PATH} || echo "ERROR: Hook Script Not Found..." && exit 404
-fi

git-hooks/hooks/pre-push

@@ -1,24 +0,0 @@
-#!/usr/bin/env bash
-
-GL_SCRIPT_PATH="$HOME/.git_template/hooks/git-leaks.sh"
-
-pushd `dirname $0` > /dev/null && cd ../.. && BASEDIR=$(pwd -L) && popd > /dev/null
-BASENAME=`basename $0`
-
-if git rev-parse --verify HEAD >/dev/null 2>&1
-then
-    against=HEAD
-else
-    #Initial commit : diff against an empty tree object
-    against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
-fi
-
-GIT_LEAKS=hook.pre-push.gitleaks
-if [ "`git config $GIT_LEAKS`" == "false" ]
-then
-    echo -e '\033[0;31m' checking git leaks is disabled - to enable: '\033[0;37m'git config --unset $GIT_LEAKS '\033[0m'
-    echo -e '\033[0;34m' checking git leaks  ... to enable: '\033[0;37m'git config --add $GIT_LEAKS true '\033[0m'
-else
-    echo -e '\033[0;34m' checking for git leaks...
-    [ -f "${GL_SCRIPT_PATH}" ] && . ${GL_SCRIPT_PATH} || echo "ERROR: Hook Script Not Found..." && exit 404
-fi

git-hooks/install.sh

@@ -1,44 +0,0 @@
-#!/usr/bin/env bash
-
-#Function to check if package is installed or not
-#args: $1: Name of the Package
-function check_package_installed() {
-  LOCAL_PACKAGE_NAME=$1
-  echo "Checking if $LOCAL_PACKAGE_NAME is installed or not..."
-  brew list $LOCAL_PACKAGE_NAME
-  if [ "$?" -eq 1 ];then
-    echo "Installing $LOCAL_PACKAGE_NAME package..."
-    brew install $LOCAL_PACKAGE_NAME
-  fi
-}
-
-function create_git_template() {
-    cd $BASEDIR
-    mkdir -p ~/.git_template/hooks
-    git config --global init.templatedir ${GIT_TEMPLATE}
-    git config --global --add $GIT_LEAKS true
-    git config --global --add $GIT_LEAKS_PRE_COMMIT true
-    find hooks/ -type f -exec cp "{}" ~/.git_template/hooks \;
-    #cp -f hooks/* ~/.git_template/hooks
-    cat ~/.gitconfig
-}
-
-GIT_TEMPLATE="~/.git_template"
-GIT_LEAKS=hook.pre-push.gitleaks
-GIT_LEAKS_PRE_COMMIT=hook.pre-commit.gitleaks
-
-pushd `dirname $0` && BASEDIR=$(pwd -L) && popd
-
-echo This script will install hooks that run scripts that could be updated without notice.
-
-while true; do
-    read -p "Do you wish to install these hooks?" yn
-    case $yn in
-        [Yy]* ) check_package_installed "gitleaks";
-                break;;
-        [Nn]* ) exit;;
-        * ) echo "Please answer yes or no.";;
-    esac
-done
-
-create_git_template

go.mod

@@ -1,50 +1,10 @@
 module github.com/drone/drone-kaniko
 
 require (
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0
-	github.com/aws/aws-sdk-go v1.44.52
-	github.com/aws/aws-sdk-go-v2 v1.16.7
-	github.com/aws/aws-sdk-go-v2/config v1.15.14
-	github.com/aws/aws-sdk-go-v2/service/ecr v1.17.8
-	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.13.8
-	github.com/aws/smithy-go v1.12.0
-	github.com/coreos/go-semver v0.3.0
-	github.com/google/go-cmp v0.5.9
-	github.com/hashicorp/go-version v1.6.0
-	github.com/joho/godotenv v1.4.0
+	github.com/joho/godotenv v1.3.0
 	github.com/pkg/errors v0.9.1
-	github.com/sirupsen/logrus v1.9.3
-	github.com/stretchr/testify v1.8.4
-	github.com/urfave/cli v1.22.9
-	golang.org/x/mod v0.17.0
+	github.com/sirupsen/logrus v1.3.0
+	github.com/urfave/cli v1.22.2
 )
 
-require (
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0 // indirect
-	github.com/AzureAD/microsoft-authentication-library-for-go v0.5.3 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.12.9 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.8 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.11.12 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.16.9 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
-	github.com/google/uuid v1.3.0 // indirect
-	github.com/jmespath/go-jmespath v0.4.0 // indirect
-	github.com/kylelemons/godebug v1.1.0 // indirect
-	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
-	golang.org/x/net v0.0.0-20220725212005-46097bf591d3 // indirect
-	golang.org/x/sys v0.19.0 // indirect
-	golang.org/x/text v0.3.7 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
-)
-
-go 1.22.0
+go 1.13

go.sum

@@ -1,115 +1,32 @@
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1 h1:tz19qLF65vuu2ibfTqGVJxG/zZAI27NEIIbvAOQwYbw=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.1/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0 h1:QkAcEIAKbNL4KoFr4SathZPhDhF4mVwpBMFlYjyAqy8=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0/go.mod h1:bhXu1AjYL+wutSL/kpSq6s7733q2Rb0yuot9Zgfqa/0=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0 h1:jp0dGvZ7ZK0mgqnTSClMxa5xuRL7NZgHameVYF6BurY=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w=
-github.com/AzureAD/microsoft-authentication-library-for-go v0.5.3 h1:TsFCaaF5tR4XN8b4zLVl/J4qMb0nf80Q4CXcpXDNJDY=
-github.com/AzureAD/microsoft-authentication-library-for-go v0.5.3/go.mod h1:Vt9sXTKwMyGcOxSmLDMnGPgqsUg7m8pe215qMLrDXw4=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/aws/aws-sdk-go v1.44.52 h1:kHLbYJj59C7VrsLM4gm7pxsvaNIvhXCCIDYEFFoQ+VE=
-github.com/aws/aws-sdk-go v1.44.52/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
-github.com/aws/aws-sdk-go-v2 v1.16.7 h1:zfBwXus3u14OszRxGcqCDS4MfMCv10e8SMJ2r8Xm0Ns=
-github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
-github.com/aws/aws-sdk-go-v2/config v1.15.14 h1:+BqpqlydTq4c2et9Daury7gE+o67P4lbk7eybiCBNc4=
-github.com/aws/aws-sdk-go-v2/config v1.15.14/go.mod h1:CQBv+VVv8rR5z2xE+Chdh5m+rFfsqeY4k0veEZeq6QM=
-github.com/aws/aws-sdk-go-v2/credentials v1.12.9 h1:DloAJr0/jbvm0iVRFDFh8GlWxrOd9XKyX82U+dfVeZs=
-github.com/aws/aws-sdk-go-v2/credentials v1.12.9/go.mod h1:2Vavxl1qqQXJ8MUcQZTsIEW8cwenFCWYXtLRPba3L/o=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8 h1:VfBdn2AxwMbFyJN/lF/xuT3SakomJ86PZu3rCxb5K0s=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8/go.mod h1:oL1Q3KuCq1D4NykQnIvtRiBGLUXhcpY5pl6QZB2XEPU=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 h1:2C0pYHcUBmdzPj+EKNC4qj97oK6yjrUhc1KoSodglvk=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14/go.mod h1:kdjrMwHwrC3+FsKhNcCMJ7tUVj/8uSD5CZXeQ4wV6fM=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8 h1:2J+jdlBJWEmTyAwC82Ym68xCykIvnSnIN18b8xHGlcc=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8/go.mod h1:ZIV8GYoC6WLBW5KGs+o4rsc65/ozd+eQ0L31XF5VDwk=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 h1:QquxR7NH3ULBsKC+NoTpilzbKKS+5AELfNREInbhvas=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15/go.mod h1:Tkrthp/0sNBShQQsamR7j/zY4p19tVTAs+nnqhH6R3c=
-github.com/aws/aws-sdk-go-v2/service/ecr v1.17.8 h1:wgZo/yeY0f+2RWy2q1rTtZSPMmq37Zy3pY4QypHeurg=
-github.com/aws/aws-sdk-go-v2/service/ecr v1.17.8/go.mod h1:ItZADKTnGxqcqXABHyNpoBljQ8ORt4h+D39RToM/3Ds=
-github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.13.8 h1:uByYzUJNBrI4LN0H+HMA7yrDWQxe2f9cF7ZkiXltXRo=
-github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.13.8/go.mod h1:nPSH6Ebmb3OkKl7+CLSjx+SMBaoFKbOe9mZhTAd352k=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.8 h1:oKnAXxSF2FUvfgw8uzU/v9OTYorJJZ8eBmWhr9TWVVQ=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.8/go.mod h1:rDVhIMAX9N2r8nWxDUlbubvvaFMnfsm+3jAV7q+rpM4=
-github.com/aws/aws-sdk-go-v2/service/sso v1.11.12 h1:760bUnTX/+d693FT6T6Oa7PZHfEQT9XMFZeM5IQIB0A=
-github.com/aws/aws-sdk-go-v2/service/sso v1.11.12/go.mod h1:MO4qguFjs3wPGcCSpQ7kOFTwRvb+eu+fn+1vKleGHUk=
-github.com/aws/aws-sdk-go-v2/service/sts v1.16.9 h1:yOfILxyjmtr2ubRkRJldlHDFBhf5vw4CzhbwWIBmimQ=
-github.com/aws/aws-sdk-go-v2/service/sts v1.16.9/go.mod h1:O1IvkYxr+39hRf960Us6j0x1P8pDqhTX+oXM5kQNl/Y=
-github.com/aws/smithy-go v1.12.0 h1:gXpeZel/jPoWQ7OEmLIgCUnhkFftqNfwWUwAHSlp1v0=
-github.com/aws/smithy-go v1.12.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
-github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
-github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4=
-github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dnaeon/go-vcr v1.1.0 h1:ReYa/UBrRyQdant9B4fNHGoCNKw6qh6P0fsdGmZpR7c=
-github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
-github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
-github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
-github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek=
-github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
-github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
-github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
-github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
-github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
-github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
-github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
-github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
-github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
-github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
-github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ=
-github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
-github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
+github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
+github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
-github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
-github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/urfave/cli v1.22.9 h1:cv3/KhXGBGjEXLC4bH0sLuJ9BewaAbpk5oyMOveu4pw=
-github.com/urfave/cli v1.22.9/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c=
-golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
-golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220725212005-46097bf591d3 h1:2yWTtPWWRcISTw3/o+s/Y4UOMnQL71DWyToOANFusCg=
-golang.org/x/net v0.0.0-20220725212005-46097bf591d3/go.mod h1:AaygXjzTFtRAg2ttMY5RMuhpJ3cNnI0XpyFJD1iQRSM=
-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
-golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+github.com/sirupsen/logrus v1.3.0 h1:hI/7Q+DtNZ2kINb6qt/lS+IyXnHQe9e90POfeewL/ME=
+github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=
+github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 h1:u+LnwYTOOW7Ukr/fppxEb1Nwz0AtPflrblfvUudpo+I=
+golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 h1:I6FyU15t786LL7oL/hn43zqTuEGr4PN7F4XJ1p4E3Y8=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

kaniko.go

@@ -2,172 +2,32 @@ package kaniko
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"strings"
-
-	"github.com/drone/drone-kaniko/pkg/artifact"
-	"github.com/drone/drone-kaniko/pkg/output"
-	"github.com/drone/drone-kaniko/pkg/tagger"
-	"golang.org/x/mod/semver"
 )
 
 type (
 	// Build defines Docker build parameters.
 	Build struct {
-		DroneCommitRef   string   // Drone git commit reference
-		DroneRepoBranch  string   // Drone repo branch
-		Dockerfile       string   // Docker build Dockerfile
-		Context          string   // Docker build context
-		Tags             []string // Docker build tags
-		AutoTag          bool     // Set this to auto detect tags from git commits and semver-tagged labels
-		AutoTagSuffix    string   // Suffix to append to the auto detect tags
-		ExpandTag        bool     // Set this to expand the `Tags` into semver-tagged labels
-		Args             []string // Docker build args
-		Target           string   // Docker build target
-		Repo             string   // Docker build repository
-		Mirrors          []string // Docker repository mirrors
-		Labels           []string // Label map
-		SkipTlsVerify    bool     // Docker skip tls certificate verify for registry
-		SnapshotMode     string   // Kaniko snapshot mode
-		EnableCache      bool     // Whether to enable kaniko cache
-		CacheRepo        string   // Remote repository that will be used to store cached layers
-		CacheTTL         int      // Cache timeout in hours
-		DigestFile       string   // Digest file location
-		NoPush           bool     // Set this flag if you only want to build the image, without pushing to a registry
-		Verbosity        string   // Log level
-		Platform         string   // Allows to build with another default platform than the host, similarly to docker build --platform
-		SkipUnusedStages bool     // Build only used stages
-		TarPath          string   // Set this flag to save the image as a tarball at path
-
-		Cache                       bool   // Enable or disable caching during the build process.
-		CacheDir                    string // Directory to store cached layers.
-		CacheCopyLayers             bool   // Enable or disable copying layers from the cache.
-		CacheRunLayers              bool   // Enable or disable running layers from the cache.
-		Cleanup                     bool   // Enable or disable cleanup of temporary files.
-		CompressedCaching           *bool  // Enable or disable compressed caching.
-		ContextSubPath              string // Sub-path within the context to build.
-		CustomPlatform              string // Platform to use for building.
-		Force                       bool   // Force building the image even if it already exists.
-		Git                         bool   // Branch to clone if build context is a git repository .
-		ImageNameWithDigestFile     string // Write image name with digest to a file.
-		ImageNameTagWithDigestFile  string // Write image name with tag and digest to a file.
-		Insecure                    bool   // Allow connecting to registries without TLS.
-		InsecurePull                bool   // Allow insecure pulls from the registry.
-		InsecureRegistry            string // Use plain HTTP for registry communication.
-		Label                       string // Add metadata to an image.
-		LogFormat                   string // Set the log format for build output.
-		LogTimestamp                bool   // Show timestamps in build output.
-		OCILayoutPath               string // Directory to store OCI layout.
-		PushRetry                   int    // Number of times to retry pushing an image.
-		RegistryCertificate         string // Path to a file containing a registry certificate.
-		RegistryClientCert          string // Path to a file containing a registry client certificate.
-		RegistryMirror              string // Mirror for registry pulls.
-		SkipDefaultRegistryFallback bool   // Skip Docker Hub and default registry fallback.
-		Reproducible                bool   // Create a reproducible image.
-		SingleSnapshot              bool   // Only create a single snapshot of the image.
-		SkipTLSVerify               bool   // Skip TLS verification when connecting to the registry.
-		SkipPushPermissionCheck     bool   // Skip permission check when pushing.
-		SkipTLSVerifyPull           bool   // Skip TLS verification when pulling.
-		SkipTLSVerifyRegistry       bool   // Skip TLS verification when connecting to a registry.
-		UseNewRun                   bool   // Use the new container runtime (`runc`) for builds.
-		IgnoreVarRun                *bool  // Ignore `/var/run` when copying from the context.
-		IgnorePath                  string // Ignore files matching the specified path pattern.
-		ImageFSExtractRetry         int    // Number of times to retry extracting the image filesystem.
-		ImageDownloadRetry          int    // Number of times to retry downloading layers.
-	}
-
-	// Artifact defines content of artifact file
-	Artifact struct {
-		Tags         []string                  // Docker artifact tags
-		Repo         string                    // Docker artifact repository
-		Registry     string                    // Docker artifact registry
-		RegistryType artifact.RegistryTypeEnum // Rocker artifact registry type
-		ArtifactFile string                    // Artifact file location
-	}
-
-	// Output defines content of output file
-	Output struct {
-		OutputFile string // File where plugin output are saved
+		Dockerfile string   // Docker build Dockerfile
+		Context    string   // Docker build context
+		Tags       []string // Docker build tags
+		Args       []string // Docker build args
+		Target     string   // Docker build target
+		Repo       string   // Docker build repository
+		Labels     []string // Label map
 	}
 
 	// Plugin defines the Docker plugin parameters.
 	Plugin struct {
-		Build    Build    // Docker build configuration
-		Artifact Artifact // Artifact file content
-		Output   Output   // Output file content
+		Build Build // Docker build configuration
 	}
 )
 
-// labelsForTag returns the labels to use for the given tag, subject to the value of ExpandTag.
-//
-// Build information (e.g. +linux_amd64) is carried through to all labels.
-// Pre-release information (e.g. -rc1) suppresses major and major+minor auto-labels.
-func (b Build) labelsForTag(tag string) (labels []string) {
-	// We strip "v" off of the beginning of semantic versions, as they are not used in docker tags
-	const VersionPrefix = "v"
-
-	// Semantic Versions don't allow underscores, so replace them with dashes.
-	//   https://semver.org/
-	semverTag := strings.ReplaceAll(tag, "_", "-")
-
-	// Allow tags of the form "1.2.3" as well as "v1.2.3" to avoid confusion.
-	if withV := VersionPrefix + semverTag; !semver.IsValid(semverTag) && semver.IsValid(withV) {
-		semverTag = withV
-	}
-
-	// Pass through tags if expand-tag is not set, or if the tag is not a semantic version
-	if !b.ExpandTag || !semver.IsValid(semverTag) {
-		return []string{tag}
-	}
-	tag = semverTag
-
-	// If the version is pre-release, only the full release should be tagged, not the major/minor versions.
-	if semver.Prerelease(tag) != "" {
-		return []string{
-			strings.TrimPrefix(tag, VersionPrefix),
-		}
-	}
-
-	// tagFor carries any build information from the semantic version through to major and minor tags.
-	labelFor := func(base string) string {
-		return strings.TrimPrefix(base, VersionPrefix) + semver.Build(tag)
-	}
-	return []string{
-		labelFor(semver.Major(tag)),
-		labelFor(semver.MajorMinor(tag)),
-		labelFor(semver.Canonical(tag)),
-	}
-}
-
-// Returns the auto detected tags. See the AutoTag section of
-// https://plugins.drone.io/drone-plugins/drone-docker/ for more info.
-func (b Build) AutoTags() (tags []string, err error) {
-	if len(b.Tags) > 1 || len(b.Tags) == 1 && b.Tags[0] != "latest" {
-		err = fmt.Errorf("The auto-tag flag does not work with user provided tags %s", b.Tags)
-		return
-	}
-	// We have tried the best to prevent enabling auto-tag and passing in
-	// user specified at the same time. Starts to auto detect tags.
-	// Note: passing in a "latest" tag with auto-tag enabled won't trigger the
-	// early returns above, because we cannot tell if the tag is provided by
-	// the default value or by the users.
-	commitRef := b.DroneCommitRef
-	if !tagger.UseAutoTag(commitRef, b.DroneRepoBranch) {
-		err = fmt.Errorf("Could not auto detect the tag. Skipping automated docker build for commit %s", commitRef)
-		return
-	}
-	tags, err = tagger.AutoTagsSuffix(commitRef, b.AutoTagSuffix)
-	if err != nil {
-		err = fmt.Errorf("Invalid semantic version when auto detecting the tag. Skipping automated docker build for %s.", commitRef)
-	}
-	return
-}
-
 // Exec executes the plugin step
 func (p Plugin) Exec() error {
-	if !p.Build.NoPush && p.Build.Repo == "" {
+	if p.Build.Repo == "" 
 		return fmt.Errorf("repository name to publish image must be specified")
 	}
 
@@ -175,32 +35,15 @@ func (p Plugin) Exec() error {
 		return fmt.Errorf("dockerfile does not exist at path: %s", p.Build.Dockerfile)
 	}
 
-	var tags = p.Build.Tags
-	if p.Build.AutoTag && p.Build.ExpandTag {
-		return fmt.Errorf("The auto-tag flag conflicts with the expand-tag flag")
-	}
-	if p.Build.AutoTag {
-		var err error
-		tags, err = p.Build.AutoTags()
-		if err != nil {
-			return err
-		}
-	}
-
 	cmdArgs := []string{
 		fmt.Sprintf("--dockerfile=%s", p.Build.Dockerfile),
 		fmt.Sprintf("--context=dir://%s", p.Build.Context),
 	}
 
-	// Set the destination repository only when we push or save to tarball
-	if !p.Build.NoPush || p.Build.TarPath != "" {
-		for _, tag := range tags {
-			for _, label := range p.Build.labelsForTag(tag) {
-				cmdArgs = append(cmdArgs, fmt.Sprintf("--destination=%s:%s", p.Build.Repo, label))
-			}
-		}
+	// Set the destination repository
+	for _, tag := range p.Build.Tags {
+		cmdArgs = append(cmdArgs, fmt.Sprintf("--destination=%s:%s", p.Build.Repo, tag))
 	}
-
 	// Set the build arguments
 	for _, arg := range p.Build.Args {
 		cmdArgs = append(cmdArgs, fmt.Sprintf("--build-arg=%s", arg))
@@ -209,218 +52,18 @@ func (p Plugin) Exec() error {
 	for _, label := range p.Build.Labels {
 		cmdArgs = append(cmdArgs, fmt.Sprintf("--label=%s", label))
 	}
-	// Set repository mirrors
-	for _, mirror := range p.Build.Mirrors {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--registry-mirror=%s", mirror))
-	}
+
 	if p.Build.Target != "" {
 		cmdArgs = append(cmdArgs, fmt.Sprintf("--target=%s", p.Build.Target))
 	}
 
-	if p.Build.SkipTlsVerify {
-		cmdArgs = append(cmdArgs, "--skip-tls-verify=true")
-	}
-
-	if p.Build.SnapshotMode != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--snapshotMode=%s", p.Build.SnapshotMode))
-	}
-
-	if p.Build.EnableCache {
-		cmdArgs = append(cmdArgs, "--cache=true")
-
-		if p.Build.CacheRepo != "" {
-			cmdArgs = append(cmdArgs, fmt.Sprintf("--cache-repo=%s", p.Build.CacheRepo))
-		}
-	}
-
-	if p.Build.CacheTTL != 0 {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--cache-ttl=%dh", p.Build.CacheTTL))
-	}
-
-	if p.Build.DigestFile != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--digest-file=%s", p.Build.DigestFile))
-	}
-
-	if p.Build.NoPush {
-		cmdArgs = append(cmdArgs, "--no-push")
-	}
-
-	if p.Build.Verbosity != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--verbosity=%s", p.Build.Verbosity))
-	}
-
-	if p.Build.Platform != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--customPlatform=%s", p.Build.Platform))
-	}
-
-	if p.Build.SkipUnusedStages {
-		cmdArgs = append(cmdArgs, "--skip-unused-stages")
-	}
-
-	if p.Build.TarPath != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--tar-path=%s", p.Build.TarPath))
-	}
-
-	if p.Build.CacheCopyLayers {
-		cmdArgs = append(cmdArgs, "--cache-copy-layers")
-	}
-
-	if p.Build.CacheRunLayers {
-		cmdArgs = append(cmdArgs, "--cache-run-layers=true")
-	}
-
-	if p.Build.Cleanup {
-		cmdArgs = append(cmdArgs, "--cleanup=true")
-	}
-
-	if p.Build.CompressedCaching != nil {
-		if *p.Build.CompressedCaching {
-			cmdArgs = append(cmdArgs, "--compressed-caching=true")
-		} else {
-			cmdArgs = append(cmdArgs, "--compressed-caching=false")
-		}
-	}
-
-	if p.Build.ContextSubPath != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--context-sub-path=%s", p.Build.ContextSubPath))
-	}
-
-	if p.Build.CustomPlatform != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--custom-platform=%s", p.Build.CustomPlatform))
-	}
-
-	if p.Build.Force {
-		cmdArgs = append(cmdArgs, "--force")
-	}
-
-	if p.Build.Git {
-		cmdArgs = append(cmdArgs, "--git")
-	}
-
-	if p.Build.ImageNameWithDigestFile != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--image-name-with-digest-file=%s", p.Build.ImageNameWithDigestFile))
-	}
-
-	if p.Build.ImageNameTagWithDigestFile != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--image-name-tag-with-digest-file=%s", p.Build.ImageNameTagWithDigestFile))
-	}
-
-	if p.Build.Insecure {
-		cmdArgs = append(cmdArgs, "--insecure")
-	}
-
-	if p.Build.InsecurePull {
-		cmdArgs = append(cmdArgs, "--insecure-pull")
-	}
-
-	if p.Build.InsecureRegistry != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--insecure-registry=%s", p.Build.InsecureRegistry))
-	}
-
-	if p.Build.LogFormat != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--log-format=%s", p.Build.LogFormat))
-	}
-
-	if p.Build.LogTimestamp {
-		cmdArgs = append(cmdArgs, "--log-timestamp")
-	}
-
-	if p.Build.OCILayoutPath != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--oci-layout-path=%s", p.Build.OCILayoutPath))
-	}
-
-	if p.Build.PushRetry != 0 {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--push-retry=%d", p.Build.PushRetry))
-	}
-
-	if p.Build.RegistryCertificate != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--registry-certificate=%s", p.Build.RegistryCertificate))
-	}
-
-	if p.Build.RegistryClientCert != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--registry-client-cert=%s", p.Build.RegistryClientCert))
-	}
-
-	if p.Build.SkipDefaultRegistryFallback {
-		cmdArgs = append(cmdArgs, "--skip-default-registry-fallback")
-	}
-
-	if p.Build.Reproducible {
-		cmdArgs = append(cmdArgs, "--reproducible")
-	}
-
-	if p.Build.SingleSnapshot {
-		cmdArgs = append(cmdArgs, "--single-snapshot")
-	}
-
-	if p.Build.SkipPushPermissionCheck {
-		cmdArgs = append(cmdArgs, "--skip-push-permission-check")
-	}
-
-	if p.Build.SkipTLSVerifyPull {
-		cmdArgs = append(cmdArgs, "--skip-tls-verify-pull")
-	}
-
-	if p.Build.SkipTLSVerifyRegistry {
-		cmdArgs = append(cmdArgs, "--skip-tls-verify-registry")
-	}
-
-	if p.Build.UseNewRun {
-		cmdArgs = append(cmdArgs, "--use-new-run")
-	}
-
-	if p.Build.IgnoreVarRun != nil {
-		if *p.Build.IgnoreVarRun {
-			cmdArgs = append(cmdArgs, "--ignore-var-run=true")
-		} else {
-			cmdArgs = append(cmdArgs, "--ignore-var-run=false")
-		}
-	}
-
-	if p.Build.IgnorePath != "" {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--ignore-path=%s", p.Build.IgnorePath))
-	}
-
-	if p.Build.ImageFSExtractRetry != 0 {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--image-fs-extract-retry=%d", p.Build.ImageFSExtractRetry))
-	}
-
-	if p.Build.ImageDownloadRetry != 0 {
-		cmdArgs = append(cmdArgs, fmt.Sprintf("--image-download-retry=%d", p.Build.ImageDownloadRetry))
-	}
-
 	cmd := exec.Command("/kaniko/executor", cmdArgs...)
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	trace(cmd)
 
 	err := cmd.Run()
-	if err != nil {
-		return err
-	}
-
-	if p.Build.DigestFile != "" && p.Artifact.ArtifactFile != "" {
-		err = artifact.WritePluginArtifactFile(p.Artifact.RegistryType, p.Artifact.ArtifactFile, p.Artifact.Registry, p.Artifact.Repo, getDigest(p.Build.DigestFile), p.Artifact.Tags)
-		if err != nil {
-			fmt.Fprintf(os.Stderr, "failed to write plugin artifact file at path: %s with error: %s\n", p.Artifact.ArtifactFile, err)
-		}
-	}
-
-	if p.Output.OutputFile != "" {
-		if err = output.WritePluginOutputFile(p.Output.OutputFile, getDigest(p.Build.DigestFile)); err != nil {
-			fmt.Fprintf(os.Stderr, "failed to write plugin output file at path: %s with error: %s\n", p.Output.OutputFile, err)
-		}
-	}
-
-	return nil
-}
-
-func getDigest(digestFile string) string {
-	content, err := ioutil.ReadFile(digestFile)
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "failed to read digest file contents at path: %s with error: %s\n", digestFile, err)
-	}
-	return string(content)
+	return err
 }
 
 // trace writes each command to stdout with the command wrapped in an xml

kaniko_test.go

@@ -1,150 +1 @@
 package kaniko
-
-import (
-	"testing"
-
-	"github.com/google/go-cmp/cmp"
-)
-
-func TestBuild_labelsForTag(t *testing.T) {
-	tests := []struct {
-		name       string
-		tag        string
-		expandTags []string
-	}{
-		{
-			name:       "semver",
-			tag:        "v1.2.3",
-			expandTags: []string{"1", "1.2", "1.2.3"},
-		},
-		{
-			name:       "no_patch",
-			tag:        "v1.2",
-			expandTags: []string{"1", "1.2", "1.2.0"},
-		},
-		{
-			name:       "only_major",
-			tag:        "v1",
-			expandTags: []string{"1", "1.0", "1.0.0"},
-		},
-		{
-			name:       "full_with_build",
-			tag:        "v1.2.3+build-info",
-			expandTags: []string{"1+build-info", "1.2+build-info", "1.2.3+build-info"},
-		},
-		{
-			name:       "build_with_underscores",
-			tag:        "v1.2.3+linux_amd64",
-			expandTags: []string{"1+linux-amd64", "1.2+linux-amd64", "1.2.3+linux-amd64"},
-		},
-		{
-			name:       "prerelease",
-			tag:        "v1.2.3-rc1",
-			expandTags: []string{"1.2.3-rc1"},
-		},
-		{
-			name:       "prerelease_with_build",
-			tag:        "v1.2.3-rc1+bld",
-			expandTags: []string{"1.2.3-rc1+bld"},
-		},
-		{
-			name:       "invalid_build",
-			tag:        "v1+bld", // can only include build detail with all three elements
-			expandTags: []string{"v1+bld"},
-		},
-		{
-			name:       "accidental_non_semver",
-			tag:        "1.2.3",
-			expandTags: []string{"1", "1.2", "1.2.3"},
-		},
-		{
-			name:       "non_semver",
-			tag:        "latest",
-			expandTags: []string{"latest"},
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			tags := Build{ExpandTag: true}.labelsForTag(tt.tag)
-			if got, want := tags, tt.expandTags; !cmp.Equal(got, want) {
-				t.Errorf("tagsFor(%q) = %q, want %q", tt.tag, got, want)
-			}
-		})
-	}
-}
-
-func TestBuild_AutoTags(t *testing.T) {
-	tests := []struct {
-		name          string
-		repoBranch    string
-		commitRef     string
-		autoTagSuffix string
-		expectedTags  []string
-	}{
-		{
-			name:          "commit push",
-			repoBranch:    "master",
-			commitRef:     "refs/heads/master",
-			autoTagSuffix: "",
-			expectedTags:  []string{"latest"},
-		},
-		{
-			name:          "tag push",
-			repoBranch:    "master",
-			commitRef:     "refs/tags/v1.0.0",
-			autoTagSuffix: "",
-			expectedTags: []string{
-				"1",
-				"1.0",
-				"1.0.0",
-			},
-		},
-		{
-			name:          "beta tag push",
-			repoBranch:    "master",
-			commitRef:     "refs/tags/v1.0.0-beta.1",
-			autoTagSuffix: "",
-			expectedTags: []string{
-				"1.0.0-beta.1",
-			},
-		},
-		{
-			name:          "tag push with suffix",
-			repoBranch:    "master",
-			commitRef:     "refs/tags/v1.0.0",
-			autoTagSuffix: "linux-amd64",
-			expectedTags: []string{
-				"1-linux-amd64",
-				"1.0-linux-amd64",
-				"1.0.0-linux-amd64",
-			},
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			b := Build{DroneCommitRef: tt.commitRef, DroneRepoBranch: tt.repoBranch, AutoTag: true}
-			if tt.autoTagSuffix != "" {
-				b.AutoTagSuffix = tt.autoTagSuffix
-			}
-			tags, err := b.AutoTags()
-			if err != nil {
-				t.Errorf("Unexpected err %q", err)
-			}
-			if got, want := tags, tt.expectedTags; !cmp.Equal(got, want) {
-				t.Errorf("auto detected tags = %q, wanted = %q", got, want)
-			}
-		})
-	}
-	t.Run("auto-tag cannot be enabled with user provided tags", func(t *testing.T) {
-		b := Build{
-			DroneCommitRef:  "refs/tags/v1.0.0",
-			DroneRepoBranch: "master",
-			AutoTag:         true,
-			Tags:            []string{"v1"},
-		}
-		_, err := b.AutoTags()
-		if err == nil {
-			t.Errorf("Expect error for invalid flags")
-		}
-	})
-}

pkg/artifact/artifact.go

@@ -1,77 +0,0 @@
-package artifact
-
-import (
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-
-	"github.com/pkg/errors"
-)
-
-const (
-	dockerArtifactV1 string = "docker/v1"
-)
-
-type RegistryTypeEnum string
-
-const (
-	Docker RegistryTypeEnum = "Docker"
-	ECR    RegistryTypeEnum = "ECR"
-	GCR    RegistryTypeEnum = "GCR"
-	GAR    RegistryTypeEnum = "GAR"
-)
-
-type (
-	Image struct {
-		Image  string `json:"image"`
-		Digest string `json:"digest"`
-	}
-	Data struct {
-		RegistryType RegistryTypeEnum `json:"registryType"`
-		RegistryUrl  string           `json:"registryUrl"`
-		Images       []Image          `json:"images"`
-	}
-	DockerArtifact struct {
-		Kind string `json:"kind"`
-		Data Data   `json:"data"`
-	}
-)
-
-func WritePluginArtifactFile(registryType RegistryTypeEnum, artifactFilePath, registryUrl, imageName, digest string, tags []string) error {
-	var images []Image
-	for _, tag := range tags {
-		images = append(images, Image{
-			Image:  fmt.Sprintf("%s:%s", imageName, tag),
-			Digest: digest,
-		})
-	}
-	data := Data{
-		RegistryType: registryType,
-		RegistryUrl:  registryUrl,
-		Images:       images,
-	}
-
-	dockerArtifact := DockerArtifact{
-		Kind: dockerArtifactV1,
-		Data: data,
-	}
-
-	b, err := json.MarshalIndent(dockerArtifact, "", "\t")
-	if err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to marshal output %+v", dockerArtifact))
-	}
-
-	dir := filepath.Dir(artifactFilePath)
-	err = os.MkdirAll(dir, 0644)
-	if err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to create %s directory for artifact file", dir))
-	}
-
-	err = ioutil.WriteFile(artifactFilePath, b, 0644)
-	if err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to write artifact to artifact file %s", artifactFilePath))
-	}
-	return nil
-}

pkg/artifact/artifact.json

@@ -1,17 +0,0 @@
-{
-	"kind": "docker/v1",
-	"data": {
-		"registryType": "Docker",
-		"registryUrl": "https://index.docker.io/",
-		"images": [
-			{
-				"image": "image:a1",
-				"digest": "sha256:22332233"
-			},
-			{
-				"image": "image:latest",
-				"digest": "sha256:22332233"
-			}
-		]
-	}
-}

pkg/artifact/artifact_test.go

@@ -1,38 +0,0 @@
-package artifact
-
-import (
-	"io/ioutil"
-	"testing"
-)
-
-func TestWritePluginArtifactFile(t *testing.T) {
-
-	testFile := t.TempDir() + "got.json"
-
-	err := WritePluginArtifactFile(Docker, testFile, "https://index.docker.io/", "image", "sha256:22332233", []string{"a1", "latest"})
-	if err != nil {
-		t.Error(err)
-		t.FailNow()
-	}
-
-	gotBytes, err := ioutil.ReadFile(testFile)
-	if err != nil {
-		t.Error(err)
-		t.FailNow()
-	}
-
-	wantBytes, err := ioutil.ReadFile("./artifact.json")
-	if err != nil {
-		t.Error(err)
-		t.FailNow()
-	}
-
-	got := string(gotBytes)
-	want := string(wantBytes)
-
-	if got != want {
-		t.Logf("got:%s", got)
-		t.Logf("want:%s", want)
-		t.FailNow()
-	}
-}

pkg/docker/config.go

@@ -1,97 +0,0 @@
-package docker
-
-import (
-	"encoding/base64"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"os"
-
-	"github.com/pkg/errors"
-)
-
-const (
-	v2HubRegistryURL string = "https://registry.hub.docker.com/v2/"
-	v1RegistryURL    string = "https://index.docker.io/v1/" // Default registry
-	v2RegistryURL    string = "https://index.docker.io/v2/" // v2 registry is not supported
-)
-
-type (
-	Auth struct {
-		Auth string `json:"auth"`
-	}
-
-	Config struct {
-		Auths       map[string]Auth   `json:"auths"`
-		CredHelpers map[string]string `json:"credHelpers,omitempty"`
-	}
-)
-
-type RegistryCredentials struct {
-	Registry string
-	Username string
-	Password string
-}
-
-func NewConfig() *Config {
-	return &Config{
-		Auths:       make(map[string]Auth),
-		CredHelpers: make(map[string]string),
-	}
-}
-
-func (c *Config) SetAuth(registry, username, password string) {
-	authBytes := []byte(username + ":" + password)
-	encodedString := base64.StdEncoding.EncodeToString(authBytes)
-	c.Auths[registry] = Auth{Auth: encodedString}
-}
-
-func (c *Config) SetCredHelper(registry, helper string) {
-	c.CredHelpers[registry] = helper
-}
-
-func (c *Config) CreateDockerConfig(credentials []RegistryCredentials, dockerPath string) error {
-	for _, cred := range credentials {
-		if cred.Registry != "" {
-			// update v2 docker registry to v1
-			if cred.Registry == v2RegistryURL || cred.Registry == v2HubRegistryURL {
-				fmt.Printf("Docker v2 registry '%s' is not supported in kaniko. Refer issue: https://github.com/GoogleContainerTools/kaniko/issues/1209\n", cred.Registry)
-				fmt.Printf("Using v1 registry instead: %s\n", v1RegistryURL)
-				cred.Registry = v1RegistryURL
-			}
-
-			if cred.Username == "" {
-				return fmt.Errorf("Username must be specified for registry: %s", cred.Registry)
-			}
-			if cred.Password == "" {
-				return fmt.Errorf("Password must be specified for registry: %s", cred.Registry)
-			}
-			c.SetAuth(cred.Registry, cred.Username, cred.Password)
-		}
-	}
-	jsonBytes, err := json.Marshal(c)
-	if err != nil {
-		return errors.Wrap(err, "failed to serialize docker config json")
-	}
-	if err := WriteDockerConfig(jsonBytes, dockerPath); err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to write docker config to path: %s", dockerPath))
-	}
-	return nil
-}
-
-func WriteDockerConfig(data []byte, path string) (string error) {
-	err := os.MkdirAll(path, 0600)
-	if err != nil {
-		if !os.IsExist(err) {
-			return errors.Wrap(err, fmt.Sprintf("failed to create %s directory", path))
-		}
-	}
-
-	filePath := path + "/config.json"
-
-	err = ioutil.WriteFile(filePath, data, 0644)
-	if err != nil {
-		return errors.Wrap(err, fmt.Sprintf("failed to create docker config file at %s", path))
-	}
-	return nil
-}

pkg/docker/config_test.go

@@ -1,55 +0,0 @@
-package docker
-
-import (
-	"encoding/json"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestConfig(t *testing.T) {
-	c := NewConfig()
-	assert.NotNil(t, c.Auths)
-	assert.NotNil(t, c.CredHelpers)
-
-	c.SetAuth(RegistryV1, "test", "password")
-	expectedAuth := Auth{Auth: "dGVzdDpwYXNzd29yZA=="}
-	assert.Equal(t, expectedAuth, c.Auths[RegistryV1])
-
-	c.SetCredHelper(RegistryECRPublic, "ecr-login")
-	assert.Equal(t, "ecr-login", c.CredHelpers[RegistryECRPublic])
-
-	tempDir, err := ioutil.TempDir("", "docker-config-test")
-	assert.NoError(t, err)
-	defer os.RemoveAll(tempDir)
-
-	credentials := []RegistryCredentials{
-		{
-			Registry: "https://index.docker.io/v1/",
-			Username: "user1",
-			Password: "pass1",
-		},
-		{
-			Registry: "gcr.io",
-			Username: "user2",
-			Password: "pass2",
-		},
-	}
-
-	err = c.CreateDockerConfig(credentials, tempDir)
-	assert.NoError(t, err)
-
-	configPath := filepath.Join(tempDir, "config.json")
-	data, err := ioutil.ReadFile(configPath)
-	assert.NoError(t, err)
-
-	var configFromFile Config
-	err = json.Unmarshal(data, &configFromFile)
-	assert.NoError(t, err)
-
-	assert.Equal(t, c.Auths, configFromFile.Auths)
-	assert.Equal(t, c.CredHelpers, configFromFile.CredHelpers)
-}

pkg/docker/constants.go

@@ -1,7 +0,0 @@
-package docker
-
-const (
-	RegistryV1        string = "https://index.docker.io/v1/"
-	RegistryV2        string = "https://index.docker.io/v2/"
-	RegistryECRPublic string = "public.ecr.aws"
-)

pkg/output/output.go

@@ -1,12 +0,0 @@
-package output
-
-import (
-	"github.com/joho/godotenv"
-)
-
-func WritePluginOutputFile(outputFilePath, digest string) error {
-	output := map[string]string{
-		"digest": digest,
-	}
-	return godotenv.Write(output, outputFilePath)
-}

pkg/tagger/tagger.go

@@ -1,95 +0,0 @@
-// A fork of https://github.com/drone-plugins/drone-docker/blob/master/tags.go
-
-package tagger
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/coreos/go-semver/semver"
-)
-
-// AutoTagsSuffix returns a set of default suggested tags
-// based on the commit ref with an attached suffix.
-func AutoTagsSuffix(ref, suffix string) ([]string, error) {
-	tags, err := AutoTags(ref)
-	if err != nil {
-		return nil, err
-	}
-	if len(suffix) == 0 {
-		return tags, nil
-	}
-	for i, tag := range tags {
-		if tag == "latest" {
-			tags[i] = suffix
-		} else {
-			tags[i] = fmt.Sprintf("%s-%s", tag, suffix)
-		}
-	}
-	return tags, nil
-}
-
-func splitOff(input string, delim string) string {
-	parts := strings.SplitN(input, delim, 2)
-
-	if len(parts) == 2 {
-		return parts[0]
-	}
-
-	return input
-}
-
-// AutoTags returns a set of default suggested tags based on
-// the commit ref.
-func AutoTags(ref string) ([]string, error) {
-	if !strings.HasPrefix(ref, "refs/tags/") {
-		return []string{"latest"}, nil
-	}
-	v := stripTagPrefix(ref)
-	version, err := semver.NewVersion(v)
-	if err != nil {
-		return []string{"latest"}, err
-	}
-	if version.PreRelease != "" || version.Metadata != "" {
-		return []string{
-			version.String(),
-		}, nil
-	}
-
-	v = stripTagPrefix(ref)
-	v = splitOff(splitOff(v, "+"), "-")
-	dotParts := strings.SplitN(v, ".", 3)
-
-	if version.Major == 0 {
-		return []string{
-			fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
-			fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
-		}, nil
-	}
-	return []string{
-		fmt.Sprintf("%0*d", len(dotParts[0]), version.Major),
-		fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
-		fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
-	}, nil
-}
-
-// UseAutoTag for keep only default branch for latest tag.
-func UseAutoTag(ref, defaultBranch string) bool {
-	if strings.HasPrefix(ref, "refs/tags/") {
-		return true
-	}
-	if stripHeadPrefix(ref) == defaultBranch {
-		return true
-	}
-	return false
-}
-
-func stripHeadPrefix(ref string) string {
-	return strings.TrimPrefix(ref, "refs/heads/")
-}
-
-func stripTagPrefix(ref string) string {
-	ref = strings.TrimPrefix(ref, "refs/tags/")
-	ref = strings.TrimPrefix(ref, "v")
-	return ref
-}

pkg/tagger/tagger_test.go

@@ -1,199 +0,0 @@
-// A fork of https://github.com/drone-plugins/drone-docker/blob/master/tags_test.go
-
-package tagger
-
-import (
-	"reflect"
-	"testing"
-)
-
-func Test_stripTagPrefix(t *testing.T) {
-	var tests = []struct {
-		Before string
-		After  string
-	}{
-		{"refs/tags/1.0.0", "1.0.0"},
-		{"refs/tags/v1.0.0", "1.0.0"},
-		{"v1.0.0", "1.0.0"},
-	}
-
-	for _, test := range tests {
-		got, want := stripTagPrefix(test.Before), test.After
-		if got != want {
-			t.Errorf("Got tag %s, want %s", got, want)
-		}
-	}
-}
-
-func TestAutoTags(t *testing.T) {
-	var tests = []struct {
-		Before string
-		After  []string
-	}{
-		{"", []string{"latest"}},
-		{"refs/heads/master", []string{"latest"}},
-		{"refs/tags/0.9.0", []string{"0.9", "0.9.0"}},
-		{"refs/tags/1.0.0", []string{"1", "1.0", "1.0.0"}},
-		{"refs/tags/v1.0.0", []string{"1", "1.0", "1.0.0"}},
-		{"refs/tags/v1.0.0-alpha.1", []string{"1.0.0-alpha.1"}},
-	}
-
-	for _, test := range tests {
-		tags, err := AutoTags(test.Before)
-		if err != nil {
-			t.Error(err)
-			continue
-		}
-		got, want := tags, test.After
-		if !reflect.DeepEqual(got, want) {
-			t.Errorf("Got tag %v, want %v", got, want)
-		}
-	}
-}
-
-func TestAutoTagsError(t *testing.T) {
-	var tests = []string{
-		"refs/tags/x1.0.0",
-		"refs/tags/20190203",
-	}
-
-	for _, test := range tests {
-		_, err := AutoTags(test)
-		if err == nil {
-			t.Errorf("Expect tag error for %s", test)
-		}
-	}
-}
-
-func TestAutoTagsSuffix(t *testing.T) {
-	var tests = []struct {
-		Before string
-		Suffix string
-		After  []string
-	}{
-		// without suffix
-		{
-			After: []string{"latest"},
-		},
-		{
-			Before: "refs/tags/v1.0.0",
-			After: []string{
-				"1",
-				"1.0",
-				"1.0.0",
-			},
-		},
-		// with suffix
-		{
-			Suffix: "linux-amd64",
-			After:  []string{"linux-amd64"},
-		},
-		{
-			Before: "refs/tags/v1.0.0",
-			Suffix: "linux-amd64",
-			After: []string{
-				"1-linux-amd64",
-				"1.0-linux-amd64",
-				"1.0.0-linux-amd64",
-			},
-		},
-		{
-			Suffix: "nanoserver",
-			After:  []string{"nanoserver"},
-		},
-		{
-			Before: "refs/tags/v1.9.2",
-			Suffix: "nanoserver",
-			After: []string{
-				"1-nanoserver",
-				"1.9-nanoserver",
-				"1.9.2-nanoserver",
-			},
-		},
-		{
-			Before: "refs/tags/v18.06.0",
-			Suffix: "nanoserver",
-			After: []string{
-				"18-nanoserver",
-				"18.06-nanoserver",
-				"18.06.0-nanoserver",
-			},
-		},
-	}
-
-	for _, test := range tests {
-		tag, err := AutoTagsSuffix(test.Before, test.Suffix)
-		if err != nil {
-			t.Error(err)
-			continue
-		}
-		got, want := tag, test.After
-		if !reflect.DeepEqual(got, want) {
-			t.Errorf("Got tag %v, want %v", got, want)
-		}
-	}
-}
-
-func Test_stripHeadPrefix(t *testing.T) {
-	type args struct {
-		ref string
-	}
-	tests := []struct {
-		args args
-		want string
-	}{
-		{
-			args: args{
-				ref: "refs/heads/master",
-			},
-			want: "master",
-		},
-	}
-	for _, tt := range tests {
-		if got := stripHeadPrefix(tt.args.ref); got != tt.want {
-			t.Errorf("stripHeadPrefix() = %v, want %v", got, tt.want)
-		}
-	}
-}
-
-func TestUseAutoTag(t *testing.T) {
-	type args struct {
-		ref           string
-		defaultBranch string
-	}
-	tests := []struct {
-		name string
-		args args
-		want bool
-	}{
-		{
-			name: "latest tag for default branch",
-			args: args{
-				ref:           "refs/heads/master",
-				defaultBranch: "master",
-			},
-			want: true,
-		},
-		{
-			name: "build from tags",
-			args: args{
-				ref:           "refs/tags/v1.0.0",
-				defaultBranch: "master",
-			},
-			want: true,
-		},
-		{
-			name: "skip build for not default branch",
-			args: args{
-				ref:           "refs/heads/develop",
-				defaultBranch: "master",
-			},
-			want: false,
-		},
-	}
-	for _, tt := range tests {
-		if got := UseAutoTag(tt.args.ref, tt.args.defaultBranch); got != tt.want {
-			t.Errorf("%q. UseAutoTag() = %v, want %v", tt.name, got, tt.want)
-		}
-	}
-}

scripts/build.sh

@@ -11,19 +11,13 @@ set -x
 
 # linux
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/kaniko-gcr    ./cmd/kaniko-gcr
-GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/kaniko-acr    ./cmd/kaniko-acr
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/kaniko-ecr    ./cmd/kaniko-ecr
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/kaniko-docker ./cmd/kaniko-docker
-GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/kaniko-gar    ./cmd/kaniko-gar
 
 GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/kaniko-gcr    ./cmd/kaniko-gcr
-GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/kaniko-acr    ./cmd/kaniko-acr
 GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/kaniko-ecr    ./cmd/kaniko-ecr
 GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/kaniko-docker ./cmd/kaniko-docker
-GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/kaniko-gar    ./cmd/kaniko-gar
 
 GOOS=linux GOARCH=arm   go build -o release/linux/arm/kaniko-gcr      ./cmd/kaniko-gcr
-GOOS=linux GOARCH=arm   go build -o release/linux/arm/kaniko-acr      ./cmd/kaniko-acr
 GOOS=linux GOARCH=arm   go build -o release/linux/arm/kaniko-ecr      ./cmd/kaniko-ecr
 GOOS=linux GOARCH=arm   go build -o release/linux/arm/kaniko-docker   ./cmd/kaniko-docker
-GOOS=linux GOARCH=arm   go build -o release/linux/arm/kaniko-gar      ./cmd/kaniko-gar

scripts/docker.sh

@@ -15,12 +15,10 @@ set -x
 
 # build the binary
 go build -o release/linux/amd64/kaniko-gcr    ./cmd/kaniko-gcr
-go build -o release/linux/amd64/kaniko-gar    ./cmd/kaniko-gar
 go build -o release/linux/amd64/kaniko-ecr    ./cmd/kaniko-ecr
 go build -o release/linux/amd64/kaniko-docker ./cmd/kaniko-docker
 
 # build the docker image
 docker build -f docker/gcr/Dockerfile.linux.amd64    -t plugins/kaniko-gcr .
-docker build -f docker/gar/Dockerfile.linux.amd64    -t plugins/kaniko-gar .
 docker build -f docker/ecr/Dockerfile.linux.amd64    -t plugins/kaniko-ecr .
 docker build -f docker/docker/Dockerfile.linux.amd64 -t plugins/kaniko .